BEA Weblogic May Run Arbitrary Code

 

Reported August 14, 2000 by
CORE SDI

VERSIONS EFFECTED
  • BEA Systems Weblogic 5.x

DESCRIPTION

An unchecked buffers exist within Weblogic logic plug-in that can allow arbitrary code to execute on the server in the same security context that Weblogic proxy server runs under.

VENDOR RESPONSE

BEA Systems has released a bulletin and patches to correct the matter.

CREDIT
Discovered by
CORE SDI

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish