Oracle Security Alert for CVE-2010-0073
SECURITY ALERT CVE-2010-0073 - This Security Alert addresses security issue CVE-2010-0073, a vulnerability in the Node Manager component of Oracle WebLogic Server. This vulnerability may be remotely exploitable without authentication, i.e. it may be exploited over a network without the need for a username and password. A knowledgeable and malicious remote user can exploit this vulnerability which can result in impacting the availability, integrity and confidentiality of the targeted system.
Supported and affected products
|
• Oracle WebLogic Server 11gR1 releases (10.3.1 and 10.3.2) |
|
|
• Oracle WebLogic Server 10gR3 release (10.3.0) |
|
|
• Oracle WebLogic Server 10.0 through MP2 |
|
|
• Oracle WebLogic Server 9.0, 9.1, 9.2 through MP3 |
|
|
• Oracle WebLogic Server 8.1 through SP6 |
|
|
• Oracle WebLogic Server 7.0 through SP7 |
|
Patch availability
Patches and relevant information for protection against this vulnerability can be found at:
Oracle strongly recommends that the fix for this vulnerability be applied as soon as possible.
Need advise? Contact Sennac, Martijn Deijl m.deijl@sennac.com or 00 31 (1)0 4777695.
