{"api_version":"1","generated_at":"2026-04-23T06:58:42+00:00","cve":"CVE-2007-0425","urls":{"html":"https://cve.report/CVE-2007-0425","api":"https://cve.report/api/cve/CVE-2007-0425.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-0425","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-0425"},"summary":{"title":"CVE-2007-0425","description":"Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 through 8.1 SP5, and JRockit 1.4.2 R4.5 and earlier, allows attackers to gain privileges via unspecified vectors, related to an \"overflow condition,\" probably a buffer overflow.","state":"PUBLISHED","assigner":"mitre","published_at":"2007-01-23 00:28:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.5","severity":"","vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://dev2dev.bea.com/pub/advisory/222","name":"http://dev2dev.bea.com/pub/advisory/222","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"An overflow condition may occur in products using BEA JRockit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/38515","name":"http://osvdb.org/38515","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2007/0213","name":"http://www.vupen.com/english/advisories/2007/0213","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail - OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/23750","name":"http://secunia.com/advisories/23750","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"BEA WebLogic Multiple Vulnerabilities and Security Issues - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1017525","name":"http://securitytracker.com/id?1017525","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"SecurityTracker.com Archives - WebLogic Bugs Let Remote Users Gain Access, Obtain Information, and Deny Service","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-0425","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-0425","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"425","vulnerable":"1","versionEndIncluding":"1.4.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"bea","cpe5":"jrockit","cpe6":"*","cpe7":"r24.5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"425","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"bea","cpe5":"weblogic_server","cpe6":"8.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"425","vulnerable":"1","versionEndIncluding":"8.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"bea","cpe5":"weblogic_server","cpe6":"*","cpe7":"sp5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T12:19:30.366Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1017525","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1017525"},{"name":"23750","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/23750"},{"name":"BEA07-155.00","tags":["vendor-advisory","x_refsource_BEA","x_transferred"],"url":"http://dev2dev.bea.com/pub/advisory/222"},{"name":"ADV-2007-0213","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2007/0213"},{"name":"38515","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/38515"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2007-01-16T00:00:00.000Z","descriptions":[{"lang":"en","value":"Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 through 8.1 SP5, and JRockit 1.4.2 R4.5 and earlier, allows attackers to gain privileges via unspecified vectors, related to an \"overflow condition,\" probably a buffer overflow."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2008-11-13T10:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"1017525","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1017525"},{"name":"23750","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/23750"},{"name":"BEA07-155.00","tags":["vendor-advisory","x_refsource_BEA"],"url":"http://dev2dev.bea.com/pub/advisory/222"},{"name":"ADV-2007-0213","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2007/0213"},{"name":"38515","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/38515"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-0425","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 through 8.1 SP5, and JRockit 1.4.2 R4.5 and earlier, allows attackers to gain privileges via unspecified vectors, related to an \"overflow condition,\" probably a buffer overflow."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1017525","refsource":"SECTRACK","url":"http://securitytracker.com/id?1017525"},{"name":"23750","refsource":"SECUNIA","url":"http://secunia.com/advisories/23750"},{"name":"BEA07-155.00","refsource":"BEA","url":"http://dev2dev.bea.com/pub/advisory/222"},{"name":"ADV-2007-0213","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/0213"},{"name":"38515","refsource":"OSVDB","url":"http://osvdb.org/38515"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2007-0425","datePublished":"2007-01-23T00:00:00.000Z","dateReserved":"2007-01-22T00:00:00.000Z","dateUpdated":"2024-08-07T12:19:30.366Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2007-01-23 00:28:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bea:jrockit:*:r24.5:*:*:*:*:*:*","versionEndIncluding":"1.4.2","matchCriteriaId":"9979205D-FC70-4FD8-B69F-AFFA4E8E3979"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:weblogic_server:*:sp5:*:*:*:*:*:*","versionEndIncluding":"8.1","matchCriteriaId":"22897797-8E89-4B31-99B8-B22D6F6056A3"},{"vulnerable":true,"criteria":"cpe:2.3:a:bea:weblogic_server:8.1:*:*:*:*:*:*:*","matchCriteriaId":"E08D4CEA-9ACC-4869-BC87-3524A059914F"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"425","Ordinal":"1","Title":"CVE-2007-0425","CVE":"CVE-2007-0425","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"425","Ordinal":"1","NoteData":"Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 through 8.1 SP5, and JRockit 1.4.2 R4.5 and earlier, allows attackers to gain privileges via unspecified vectors, related to an \"overflow condition,\" probably a buffer overflow.","Type":"Description","Title":"CVE-2007-0425"},{"CveYear":"2007","CveId":"425","Ordinal":"2","NoteData":"2007-01-22","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"425","Ordinal":"3","NoteData":"2008-11-13","Type":"Other","Title":"Modified"}]}}}