Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2004-2320
Description:The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.
Test IDs: 1.3.6.1.4.1.25623.1.0.11213   1.3.6.1.4.1.25623.1.0.55447  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2004-2320
http://dev2dev.bea.com/pub/advisory/68
BugTraq ID: 9506
http://www.securityfocus.com/bid/9506
CERT/CC vulnerability note: VU#867593
http://www.kb.cert.org/vuls/id/867593
http://www.osvdb.org/3726
http://www.securitytracker.com/alerts/2004/Jan/1008866.html
http://secunia.com/advisories/10726
XForce ISS Database: weblogic-trace-xss(14959)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14959




© 1998-2024 E-Soft Inc. All rights reserved.