Computer Security Global Security Mag Online anti virus spywares job oofers telecom and network security
- english:
- Product Reviews:
- Business News:
- MAGIC QUADRANT :
- Market News:
- WHITE PAPER:
- Special Reports:
- Interviews:
- Opinion:
- EVENTS:
- Security Vulnerability:
- Malware Update:
- Diary:
- Guide & Podcast:
- Jobs:
- International News:
- CONTACTS:
- TRAINING :
Global Security Magazine Online antivirus
Product Reviews
Business News
MAGIC QUADRANT 
Market News
Special Reports
Opinion
EVENTS
Security Vulnerability
Malware Update
Diary
Guide & Podcast
Jobs
International News
CONTACTS
Flux RSS
| Vigil@nce - Oracle AS, WebLogic: several vulnerabilities of July 2010 |
| July 2010 by Vigil@nce |
| This bulletin was written by Vigil@nce : http://vigilance.fr/ SYNTHESIS OF THE VULNERABILITY Several vulnerabilities of Sun Java System Application Server and Oracle WebLogic Server are corrected by the CPU of July 2010. Severity: 2/4 Creation date: 15/07/2010 DESCRIPTION OF THE VULNERABILITY The CPU (Critical Patch Update) of July 2010 corrects several vulnerabilities of Sun Java System Application Server and Oracle WebLogic Server. Oracle’s announce contains a detailed table, summarized below. A remote attacker can use a vulnerability of TLS in order to insert plain text data during a renegotiation via a man-in-the-middle attack (VIGILANCE-VUL-9181 (https://vigilance.fr/tree/1/9181)). [severity:2/4; BID-36935, CVE-2009-3555, VU#120541] An attacker use a malicious url, in order to inject HTTP headers in WebLogic. [severity:2/4; BID-41620, CVE-2010-2375] An attacker can use a vulnerability of Application Server Control, in order to alter information. [severity:2/4; BID-41609, CVE-2010-0081] An attacker can use a vulnerability of Application Server Control, in order to alter information. [severity:2/4; BID-41626, CVE-2010-2381] ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN |
< previous next > |
