CVE-2009-1016

Risk Scores

Exploit Intelligence

• SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt [disabled] (vulnetix)
• SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt [disabled] (community-snort)
• SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt [disabled] (community-snort)
• 1022059 (circl)
• 34461 (circl)
• TA09-105A (circl)
• http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html (circl)
• http://secunia.com/secunia_research/2009-23/ (circl)
• oracle-bea-ssl-bo(64934) (circl)
• Oracle APEX 3.2 - Unprivileged DB users can see APEX Password hashes - Multiple local Exploit (variot)

…and 7 more exploits

Timeline

• CVE Published
• Apr 9, 2009 PoC Published
• Feb 4, 2022 EPSS Score
• Mar 29, 2022 EPSS Score
• Jul 12, 2022 EPSS Score
• Sep 4, 2022 EPSS Score
• Dec 18, 2022 EPSS Score
• Feb 9, 2023 EPSS Score
• Apr 3, 2023 EPSS Score
• Apr 18, 2023 EPSS Score
• Jun 3, 2023 EPSS Score
• Jul 17, 2023 EPSS Score

References

• https://cert.ssi.gouv.fr/avis/CERTA-2009-AVI-154/ advisory
• http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html advisory