CVE-2006-1352
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
22/03/2006
Last modified:
03/04/2025
Description
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, 7.0 SP6 and earlier, and WebLogic Server 6.1 SP7 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via crafted non-canonicalized XML documents.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:bea:weblogic_server:6.1:*:express:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:*:win32:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp1:express:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp1:win32:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp2:express:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp2:win32:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp3:express:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp4:express:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp4:win32:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp5:express:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp5:win32:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp6:express:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp6:win32:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp7:express:*:*:*:*:* | ||
| cpe:2.3:a:bea:weblogic_server:6.1:sp7:win32:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://dev2dev.bea.com/pub/advisory/183
- http://secunia.com/advisories/19310
- http://securitytracker.com/id?1015790=
- http://www.securityfocus.com/bid/17167
- http://www.vupen.com/english/advisories/2006/1021
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25348
- http://dev2dev.bea.com/pub/advisory/183
- http://secunia.com/advisories/19310
- http://securitytracker.com/id?1015790=
- http://www.securityfocus.com/bid/17167
- http://www.vupen.com/english/advisories/2006/1021
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25348