Oracle WebLogic Server Deserialization Remote Command Execution Vulnerability

Bugtraq ID: 108074
Class: Serialization Error
CVE: CVE-2019-2725
Remote: Yes
Local: No
Published: Apr 25 2019 12:00AM
Updated: Jul 17 2019 07:00AM
Credit: Badcode, Liao Xinxi, ZengShuai Hao, Zhiyi Zhang, and Hongwei Pan, Lin Zheng, Song Keya, and Tianlei Li, Xu Yuanzhen
Vulnerable: Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Tape Virtual Storage Manager GUI 6.2
Oracle StorageTek Tape Analytics SW Tool 2.3
Oracle Agile PLM 9.3.5
Oracle Agile PLM 9.3.3
Oracle Agile PLM 9.3.4
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus