CVE-2005-1747: XSS
First published: Tue May 24 2005(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 6, allow remote attackers to inject arbitrary web script or HTML, and possibly gain administrative privileges, via the (1) j_username or (2) j_password parameters in the login page (LoginForm.jsp), (3) parameters to the error page in the Administration Console, (4) unknown vectors in the Server Console while the administrator has an active session to obtain the ADMINCONSOLESESSION cookie, or (5) an alternate vector in the Server Console that does not require an active session but also leaks the username and password.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle WebLogic Server | =8.1 | |
| Oracle WebLogic Server | =8.1-sp4 | |
| Oracle WebLogic Server | =7.0-sp2 | |
| Oracle WebLogic Server | =7.0.0.1-sp4 | |
| Oracle WebLogic Server | =6.1-sp4 | |
| Oracle WebLogic Server | =6.1 | |
| Oracle WebLogic Server | =8.1 | |
| Oracle WebLogic Server | =6.1-sp5 | |
| Oracle WebLogic Server | =6.0-sp1 | |
| Oracle WebLogic Server | =6.1-sp6 | |
| Oracle WebLogic Server | =7.0-sp4 | |
| Oracle WebLogic Server | =6.1-sp1 | |
| Oracle WebLogic Server | =7.0 | |
| Oracle WebLogic Server | =6.0 | |
| Oracle WebLogic Server | =6.1-sp4 | |
| Oracle WebLogic Server | =6.1-sp4 | |
| Oracle WebLogic Server | =7.0.0.1-sp1 | |
| Oracle WebLogic Server | =6.1-sp6 | |
| Oracle WebLogic Server | =6.0-sp2 | |
| Oracle WebLogic Server | =6.0-sp2 | |
| Oracle WebLogic Server | =6.1-sp3 | |
| Oracle WebLogic Server | =6.0-sp2 | |
| Oracle WebLogic Server | =7.0-sp3 | |
| Oracle WebLogic Server | =7.0.0.1-sp4 | |
| Oracle WebLogic Server | =8.1-sp1 | |
| Oracle WebLogic Server | =6.0-sp1 | |
| Oracle WebLogic Server | =7.0.0.1-sp1 | |
| Oracle WebLogic Server | =6.1-sp2 | |
| Oracle WebLogic Server | =8.1-sp3 | |
| Oracle WebLogic Server | =7.0-sp2 | |
| Oracle WebLogic Server | =6.1-sp1 | |
| Oracle WebLogic Server | =8.1-sp3 | |
| Oracle WebLogic Server | =7.0.0.1 | |
| Oracle WebLogic Server | =6.0 | |
| Oracle WebLogic Server | =7.0-sp3 | |
| Oracle WebLogic Server | =7.0.0.1-sp1 | |
| Oracle WebLogic Server | =8.1 | |
| Oracle WebLogic Server | =8.1-sp4 | |
| Oracle WebLogic Server | =7.0-sp5 | |
| Oracle WebLogic Server | =7.0.0.1 | |
| Oracle WebLogic Server | =7.0-sp5 | |
| Oracle WebLogic Server | =7.0-sp5 | |
| Oracle WebLogic Server | =6.1-sp1 | |
| Oracle WebLogic Server | =6.1 | |
| Oracle WebLogic Server | =6.0 | |
| Oracle WebLogic Server | =8.1-sp1 | |
| Oracle WebLogic Server | =7.0-sp2 | |
| Oracle WebLogic Server | =8.1-sp3 | |
| Oracle WebLogic Server | =8.1-sp2 | |
| Oracle WebLogic Server | =6.1 | |
| Oracle WebLogic Server | =6.0-sp1 | |
| Oracle WebLogic Server | =7.0.0.1 | |
| Oracle WebLogic Server | =6.1-sp2 | |
| Oracle WebLogic Server | =7.0.0.1-sp3 | |
| Oracle WebLogic Server | =7.0-sp3 | |
| Oracle WebLogic Server | =7.0-sp1 | |
| Oracle WebLogic Server | =7.0.0.1-sp2 | |
| Oracle WebLogic Server | =6.1-sp5 | |
| Oracle WebLogic Server | =7.0-sp1 | |
| Oracle WebLogic Server | =7.0-sp4 | |
| Oracle WebLogic Server | =8.1-sp1 | |
| Oracle WebLogic Server | =6.1-sp3 | |
| Oracle WebLogic Server | =6.1-sp5 | |
| Oracle WebLogic Server | =7.0-sp1 | |
| Oracle WebLogic Server | =8.1-sp2 | |
| Oracle WebLogic Server | =8.1-sp4 | |
| Oracle WebLogic Server | =7.0.0.1-sp2 | |
| Oracle WebLogic Server | =6.1-sp2 | |
| Oracle WebLogic Server | =7.0 | |
| Oracle WebLogic Server | =8.1-sp2 | |
| Oracle WebLogic Server | =7.0 | |
| Oracle WebLogic Server | =6.1-sp3 | |
| Oracle WebLogic Server | =7.0.0.1-sp3 | |
| Oracle WebLogic Server | =7.0-sp4 | |
| Oracle WebLogic Server | =7.0.0.1-sp2 | |
| BEA WebLogic Portal | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://dev2dev.bea.com/pub/advisory/130
- http://www.securityfocus.com/bid/13717
- http://secunia.com/advisories/15486
- http://www.acrossecurity.com/aspr/ASPR-2005-05-24-1-PUB.txt
- http://www.acrossecurity.com/aspr/ASPR-2005-05-24-2-PUB.txt
- http://www.appsecinc.com/resources/alerts/general/BEA-001.html
- http://www.appsecinc.com/resources/alerts/general/BEA-002.html
- http://securitytracker.com/id?1014049
- http://www.vupen.com/english/advisories/2005/0607
- http://marc.info/?l=bugtraq&m=111695844803328&w=2
- http://marc.info/?l=bugtraq&m=111722380313416&w=2
- http://marc.info/?l=bugtraq&m=111722298705561&w=2
- http://marc.info/?l=bugtraq&m=111695921212456&w=2
Frequently Asked Questions
What is the severity of CVE-2005-1747?
CVE-2005-1747 is classified with a high severity due to its potential for remote code execution via cross-site scripting.
How do I fix CVE-2005-1747?
To mitigate CVE-2005-1747, update your BEA WebLogic Server to the latest version or apply available patches provided by Oracle.
Which versions are affected by CVE-2005-1747?
CVE-2005-1747 affects BEA WebLogic Server and Express versions 8.1 up to Service Pack 4, and 7.0 up to Service Pack 6.
What type of vulnerability is CVE-2005-1747?
CVE-2005-1747 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts.
Can CVE-2005-1747 lead to administrative privileges?
Yes, CVE-2005-1747 can potentially allow remote attackers to gain administrative privileges on the affected WebLogic Server.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/references
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- vendor/bea
- product/weblogic server
- canonical/bea weblogic server
- vendor/oracle
- product/weblogic portal
- canonical/oracle weblogic portal
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- canonical/oracle weblogic server
- version/oracle weblogic server/8.1
- version/oracle weblogic server/8.1-sp4
- version/oracle weblogic server/7.0-sp2
- version/oracle weblogic server/7.0.0.1-sp4
- version/oracle weblogic server/6.1-sp4
- version/oracle weblogic server/6.1
- version/oracle weblogic server/6.1-sp5
- version/oracle weblogic server/6.0-sp1
- version/oracle weblogic server/6.1-sp6
- version/oracle weblogic server/7.0-sp4
- version/oracle weblogic server/6.1-sp1
- version/oracle weblogic server/7.0
- version/oracle weblogic server/6.0
- version/oracle weblogic server/7.0.0.1-sp1
- version/oracle weblogic server/6.0-sp2
- version/oracle weblogic server/6.1-sp3
- version/oracle weblogic server/7.0-sp3
- version/oracle weblogic server/8.1-sp1
- version/oracle weblogic server/6.1-sp2
- version/oracle weblogic server/8.1-sp3
- version/oracle weblogic server/7.0.0.1
- version/oracle weblogic server/7.0-sp5
- version/oracle weblogic server/8.1-sp2
- version/oracle weblogic server/7.0.0.1-sp3
- version/oracle weblogic server/7.0-sp1
- version/oracle weblogic server/7.0.0.1-sp2
- canonical/bea weblogic portal
- version/bea weblogic portal/8.0