CVE-2010-2375
Summary
| CVE | CVE-2010-2375 |
|---|---|
| State | PUBLISHED |
| Assigner | oracle |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-07-13 22:30:02 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS. |
Risk And Classification
Primary CVSS: v2.0 6.4 from [email protected]
AV:N/AC:L/Au:N/C:P/I:P/A:N
Problem Types: NVD-CWE-noinfo | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
NoneAV:N/AC:L/Au:N/C:P/I:P/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Bea | Weblogic Server | 7.0 | sp7 | All | All |
| Application | Bea | Weblogic Server | 8.1 | sp6 | All | All |
| Application | Bea | Weblogic Server | 9.0 | All | All | All |
| Application | Bea | Weblogic Server | 9.1 | All | All | All |
| Application | Bea | Weblogic Server | 9.2 | mp3 | All | All |
| Application | Bea Systems | Weblogic Server | 10.0 | mp2 | All | All |
| Application | Oracle | Weblogic Server | 10.3.2.0.0 | All | All | All |
| Application | Oracle | Weblogic Server | 10.3.3.0.0 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Oracle Critical Patch Update Pre-Release Announcement - October 2010 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.