← Back

CVE-2008-4008

nvd nist
Published: Oct 14, 2008Modified: Apr 23, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter.

Affected (8)

Oracle
1 product
Bea Product Suite
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Bea Product Suite
Version 10.0 mp1
Bea Product Suite
Version 10.3
Bea Product Suite
Version 6.1 sp7
Bea Product Suite
Version 7.0 sp7
Bea Product Suite
Version 8.1 sp6
Bea Product Suite
Version 9.0
Bea Product Suite
Version 9.1
Bea Product Suite
Version 9.2 mp3

References (8)

Source: secalert_us@oracle.com
Source: secalert_us@oracle.com
Source: secalert_us@oracle.com
Source: secalert_us@oracle.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.