CVE-2010-0073 - Vulnerability Details

Vendors	Products
Oracle	Weblogic Server

Link	Providers
http://secunia.com/advisories/39439
http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html
http://www.us-cert.gov/cas/techalerts/TA10-103B.html
http://www.vupen.com/english/advisories/2010/0216

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-02-04T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2010-04-17T09:00:00", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "TA10-103B", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"name": "ADV-2010-0216", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0216"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html"}, {"name": "39439", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/39439"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2010-0073", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "TA10-103B", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"name": "ADV-2010-0216", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0216"}, {"name": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html"}, {"name": "39439", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39439"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:37:53.012Z"}, "title": "CVE Program Container", "references": [{"name": "TA10-103B", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"name": "ADV-2010-0216", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0216"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html"}, {"name": "39439", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/39439"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2010-0073", "datePublished": "2010-04-14T17:00:00", "dateReserved": "2009-12-16T00:00:00", "dateUpdated": "2024-08-07T00:37:53.012Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2010-02-04T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2010-04-17T09:00:00 (string)

orgId : 43595867-4340-4103-b7a2-9a5208d29a85 (string)

shortName : oracle (string)

}

references : [ »

0 : { »

name : TA10-103B (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA10-103B.html (string)

}

1 : { »

name : ADV-2010-0216 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2010/0216 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html (string)

}

3 : { »

name : 39439 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/39439 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : secalert_us@oracle.com (string)

ID : CVE-2010-0073 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : TA10-103B (string)

refsource : CERT (string)

url : http://www.us-cert.gov/cas/techalerts/TA10-103B.html (string)

}

1 : { »

name : ADV-2010-0216 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2010/0216 (string)

}

2 : { »

name : http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html (string)

refsource : CONFIRM (string)

url : http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html (string)

}

3 : { »

name : 39439 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/39439 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T00:37:53.012Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : TA10-103B (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

2 : x_transferred (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA10-103B.html (string)

}

1 : { »

name : ADV-2010-0216 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2010/0216 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html (string)

}

3 : { »

name : 39439 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/39439 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 43595867-4340-4103-b7a2-9a5208d29a85 (string)

assignerShortName : oracle (string)

cveId : CVE-2010-0073 (string)

datePublished : 2010-04-14T17:00:00 (string)

dateReserved : 2009-12-16T00:00:00 (string)

dateUpdated : 2024-08-07T00:37:53.012Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:weblogic_server:7.0:sp7:*:*:*:-:*:*", "matchCriteriaId": "5788493F-DA70-4A73-8EA2-6DD2FBFDCC2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:8.1:sp6:*:*:*:-:*:*", "matchCriteriaId": "A99E15B3-455E-40E4-A98A-5A180C6E87C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:9.0:-:*:*:*:-:*:*", "matchCriteriaId": "097579DE-AEC3-4A76-8E76-009677F75DE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:9.1:-:*:*:*:-:*:*", "matchCriteriaId": "74431845-CEBF-423A-AD64-1DC177DB9282", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack3:*:*:*:-:*:*", "matchCriteriaId": "4F5FBDB2-4769-4540-B2EF-C28C3D14CB60", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:10.0:maintenance_pack2:*:*:*:-:*:*", "matchCriteriaId": "BA5901C7-9B25-4D5A-878C-6F457226BFBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "58B1DD57-050A-4A82-9E73-0C29DC22B581", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el WebLogic Server en Oracle WebLogic Server v7.0 SP7,v8.1 SP6, v9.0, v9.1, v9.2 MP3, v10.0 MP2, y v10.3.2, permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2010-0073", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-04-14T17:30:00.367", "references": [{"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/39439"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0216"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/39439"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0216"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:oracle:weblogic_server:7.0:sp7:*:*:*:-:*:* (string)

matchCriteriaId : 5788493F-DA70-4A73-8EA2-6DD2FBFDCC2B (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:oracle:weblogic_server:8.1:sp6:*:*:*:-:*:* (string)

matchCriteriaId : A99E15B3-455E-40E4-A98A-5A180C6E87C6 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:oracle:weblogic_server:9.0:-:*:*:*:-:*:* (string)

matchCriteriaId : 097579DE-AEC3-4A76-8E76-009677F75DE7 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:oracle:weblogic_server:9.1:-:*:*:*:-:*:* (string)

matchCriteriaId : 74431845-CEBF-423A-AD64-1DC177DB9282 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:oracle:weblogic_server:9.2:maintenance_pack3:*:*:*:-:*:* (string)

matchCriteriaId : 4F5FBDB2-4769-4540-B2EF-C28C3D14CB60 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:oracle:weblogic_server:10.0:maintenance_pack2:*:*:*:-:*:* (string)

matchCriteriaId : BA5901C7-9B25-4D5A-878C-6F457226BFBC (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:oracle:weblogic_server:10.3.2.0.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 58B1DD57-050A-4A82-9E73-0C29DC22B581 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. (string)

}

1 : { »

lang : es (string)

value : Vulnerabilidad no especificada en el WebLogic Server en Oracle WebLogic Server v7.0 SP7,v8.1 SP6, v9.0, v9.1, v9.2 MP3, v10.0 MP2, y v10.3.2, permite a atacantes remotos comprometer la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. (string)

}

]

id : CVE-2010-0073 (string)

lastModified : 2025-04-11T00:51:21.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 10 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:N/AC:L/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2010-04-14T17:30:00.367 (string)

references : [ »

0 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/39439 (string)

}

1 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Broken Link (string)

1 : Patch (string)

2 : Vendor Advisory (string)

]

url : http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html (string)

}

2 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA10-103B.html (string)

}

3 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2010/0216 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/39439 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

1 : Patch (string)

2 : Vendor Advisory (string)

]

url : http://www.oracle.com/technology/deploy/security/alerts/alert-cve-2010-0073.html (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA10-103B.html (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2010/0216 (string)

}

]

sourceIdentifier : secalert_us@oracle.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object