First published: Sun Dec 31 2000(Updated: )
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
BEA Weblogic Server | =5.1-sp2 | |
BEA Weblogic Server | =5.1-sp5 | |
BEA Weblogic Server | =5.1 | |
BEA Weblogic Server | =5.1-sp1 | |
BEA Weblogic Server | =5.1-sp6 | |
BEA Weblogic Server | =5.1-sp4 | |
BEA Weblogic Server | =5.1-sp3 | |
BEA Weblogic Server | =5.1-sp3 | |
BEA Weblogic Server | =5.1-sp5 | |
BEA Weblogic Server | =5.1-sp1 | |
BEA Weblogic Server | =5.1 | |
BEA Weblogic Server | =5.1-sp6 | |
BEA Weblogic Server | =5.1-sp4 | |
BEA Weblogic Server | =5.1-sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.