Oracle WebLogic Server Node Manager Unspecified Vulnerability

Secunia ID	SA38473
CVE-ID	CVE-2010-0073
Release Date	08 Feb 2010
Last Change	15 Sep 2010
Criticality	Moderately Critical
Solution Status	Vendor Patch
Software	Oracle WebLogic Server 10.x Oracle WebLogic Server 7.x Oracle WebLogic Server 8.x Oracle WebLogic Server 9.x
Where	From local network
Impact	System access This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
Description	A vulnerability has been reported in Oracle WebLogic Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error. Further information is currently not available. This may be related to: SA38345 The vulnerability is reported in the following version: * Oracle WebLogic Server 11gR1 releases (10.3.1 and 10.3.2) * Oracle WebLogic Server 10gR3 release (10.3.0) * Oracle WebLogic Server 10.0 through MP2 * Oracle WebLogic Server 9.0, 9.1, 9.2 through MP3 * Oracle WebLogic Server 8.1 through SP6 * Oracle WebLogic Server 7.0 through SP7 NOTE: For WebLogic Server versions 7.0. and 8.1 only an impact on availability has been reported.
Solution	Apply the patches. https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1058764.1
Original Advisory	http://www.oracle.com/technetwork/topics/security/alert-cve-2010-0073-099291.html