First published: Sat Dec 31 2005(Updated: )
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not properly validate derived Principals with multiple PrincipalValidators, which might allow attackers to gain privileges.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
BEA Weblogic Server | =8.1 | |
BEA Weblogic Server | =7.0-sp2 | |
BEA Weblogic Server | =8.1 | |
BEA Weblogic Server | =7.0-sp4 | |
BEA Weblogic Server | =7.0 | |
BEA Weblogic Server | =7.0-sp3 | |
BEA Weblogic Server | =8.1-sp3 | |
BEA Weblogic Server | =7.0-sp2 | |
BEA Weblogic Server | =7.0-sp3 | |
BEA Weblogic Server | =8.1-sp4 | |
BEA Weblogic Server | =7.0-sp5 | |
BEA Weblogic Server | =7.0-sp5 | |
BEA Weblogic Server | =8.1-sp1 | |
BEA Weblogic Server | =8.1-sp3 | |
BEA Weblogic Server | =8.1-sp2 | |
BEA Weblogic Server | =7.0-sp1 | |
BEA Weblogic Server | =8.1-sp1 | |
BEA Weblogic Server | =7.0-sp1 | |
BEA Weblogic Server | =8.1-sp4 | |
BEA Weblogic Server | =8.1-sp2 | |
BEA Weblogic Server | =7.0 | |
BEA Weblogic Server | =7.0-sp4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.