VYPR
Unrated severityNVD Advisory· Published May 16, 2007· Updated Jun 16, 2026

CVE-2007-2705

CVE-2007-2705

Description

Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when "deployed in an exploded format," allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.

Affected products

8
  • cpe:2.3:a:bea:weblogic_integration:9.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:bea:weblogic_integration:9.2:*:*:*:*:*:*:*
    • (no CPE)range: <=9.2 (before SP1)
  • cpe:2.3:a:bea:weblogic_workshop:8.1:sp2:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:bea:weblogic_workshop:8.1:sp2:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_workshop:8.1:sp3:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_workshop:8.1:sp4:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_workshop:8.1:sp5:*:*:*:*:*:*
    • cpe:2.3:a:bea:weblogic_workshop:8.1:sp6:*:*:*:*:*:*
    • (no CPE)range: >=8.1 SP2, <=8.1 SP6

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.