Unrated severityNVD Advisory· Published May 16, 2007· Updated Jun 16, 2026
CVE-2007-2705
CVE-2007-2705
Description
Directory traversal vulnerability in the Test View Console in BEA WebLogic Integration 9.2 before SP1 and WebLogic Workshop 8.1 SP2 through SP6, when "deployed in an exploded format," allows remote attackers to list a WebLogic Workshop Directory (wlwdir) parent directory via unspecified vectors.
Affected products
8cpe:2.3:a:bea:weblogic_integration:9.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:bea:weblogic_integration:9.2:*:*:*:*:*:*:*
- (no CPE)range: <=9.2 (before SP1)
cpe:2.3:a:bea:weblogic_workshop:8.1:sp2:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp5:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_workshop:8.1:sp6:*:*:*:*:*:*
- (no CPE)range: >=8.1 SP2, <=8.1 SP6
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.