BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy change log to temporarily unavailable managed servers, which might allow attackers to bypass intended restrictions, a different vulnerability than CVE-2007-0426.
oryginał ENAV:N/AC:L/Au:N/C:P/I:P/A:PBea Weblogic Server
APPBea9.1
Powiązane podatności
BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an application...
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic ...
BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guess...
Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "r...
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 and 7.0 Gold through SP7 allows remote a...