CVE-2007-6384

Summary

CVE	CVE-2007-6384
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2007-12-15 02:46:00 UTC
Updated	2017-08-08 01:29:00 UTC
Description	Unspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3.3, 3.5, and 3.6 through 3.6 SP1 allows remote attackers to obtain application file and resource access via unspecified vectors.

Risk And Classification

Problem Types: CWE-287

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Bea	Weblogic Mobility Server	3.3	All	All	All
Application	Bea	Weblogic Mobility Server	3.5	All	All	All
Application	Bea	Weblogic Mobility Server	3.6	All	All	All
Application	Bea	Weblogic Mobility Server	3.6	sp1	All	All
Application	Bea	Weblogic Mobility Server	3.3	All	All	All
Application	Bea	Weblogic Mobility Server	3.5	All	All	All
Application	Bea	Weblogic Mobility Server	3.6	All	All	All
Application	Bea	Weblogic Mobility Server	3.6	sp1	All	All

References

Reference	Source	Link	Tags
41880	OSVDB	osvdb.org
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com
BEA WebLogic Mobility Server Image Converter Security Bypass - Advisories - Secunia	SECUNIA	secunia.com	Patch, Vendor Advisory
Oracle Fusion Middleware Technologies	BEA	dev2dev.bea.com	Vendor Advisory
WebLogic Mobility Server Image Converter Lets Remote Users Access Resources - SecurityTracker	SECTRACK	www.securitytracker.com	Patch
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.