CVE-2008-3257
Scores
EPSS
0.808high80.8%
0%20%40%60%80%100%
Percentile: 80.8%
CVSS
10.0critical2.0
0246810
CVSS Score: 10.0/10
All CVSS Scores
CVSS 2.0
10.0Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
AC:L
Authentication
None (N)
Describes the level of privileges an attacker must possess
Au:N
Confidentiality Impact
Complete
Measures the impact to the confidentiality of information
C:C
Integrity Impact
Complete
Measures the impact to integrity of a successfully exploited vulnerability
I:C
Availability Impact
Complete
Measures the impact to the availability of the impacted component
A:C
Description
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after “POST /.jsp” in an HTTP request.
Scaner-VS 7 — a modern vulnerability management solution
Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7Sources
nvd
CWEs
CWE-119
Exploits
Vulnerable Software (2)
Type: Configuration
Vendor: *
Product: apache_connector_in_weblogic_server
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:3.1.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.0:*:*:*:*:*:*:*...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:3.1.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.0.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.1:sp15:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.2:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.2:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp10:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp11:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp12:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp13:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp7:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp8:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp9:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.0:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.0:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.0:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp7:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp8:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp7:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:ga:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.1:ga:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.2:mp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.2:mp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:10.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea_systems:apache_connector_in_weblogic_server:*:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea_systems:weblogic_server:10.0_mp1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:weblogic_server:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.3", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: *
Product: weblogic_server
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:3.1.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.0:*:*:*:*:*:*:*...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:3.1.8:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.0.4:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.1:sp15:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.2:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:4.5.2:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp10:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp11:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp12:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp13:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp7:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp8:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:5.1:sp9:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.0:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.0:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.0:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp7:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:6.1:sp8:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0:sp7:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:7.0.0.1:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:8.1:sp6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:ga:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.0:sp5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.1:ga:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.2:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.2:mp1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:9.2:mp2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea:weblogic_server:10.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea_systems:apache_connector_in_weblogic_server:*:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:bea_systems:weblogic_server:10.0_mp1:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:weblogic_server:*:*:*:*:*:*:*:*", "versionEndIncluding": "10.3", "vulnerable": true } ], "operator": "OR"}
Source: nvd
End of list