QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2005-4752

Back to search

CVE-2005-4752

Published: Apr 1, 2006

Modified: Sep 16, 2024

PUBLISHED

Description

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, might allow local users to gain privileges by using the run-as deployment descriptor element to change the privileges of a web application or EJB from the Deployer security role to the Admin security role.

VendorProductVersions

n/a

n/a

affected
n/a

References

15052
vdb-entry
x_refsource_BID
17138
third-party-advisory
x_refsource_SECUNIA
BEA05-88.00
vendor-advisory
x_refsource_BEA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now