First published: Tue Jul 22 2008(Updated: )
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
BEA Weblogic Server | =7.0.0.1-sp4 | |
BEA Weblogic Server | =6.1-sp4 | |
BEA Weblogic Server | =4.5.2-sp1 | |
BEA Weblogic Server | =4.5.1 | |
BEA Weblogic Server | =7.0-sp7 | |
BEA Weblogic Server | =9.2-mp2 | |
BEA Weblogic Server | =8.1 | |
BEA Weblogic Server | =6.1-sp5 | |
BEA Weblogic Server | =4.5.2 | |
BEA Weblogic Server | =9.0 | |
BEA Weblogic Server | =9.2 | |
BEA Weblogic Server | =6.1-sp6 | |
BEA Weblogic Server | =7.0-sp4 | |
BEA Weblogic Server | =9.0-sp3 | |
BEA Weblogic Server | =7.0 | |
BEA Weblogic Server | =9.0-sp1 | |
BEA Weblogic Server | =7.0.0.1-sp1 | |
BEA Weblogic Server | =6.0-sp2 | |
BEA Weblogic Server | =5.1-sp12 | |
BEA Weblogic Server | =5.1-sp11 | |
BEA Weblogic Server | =5.1 | |
BEA Weblogic Server | =6.1-sp3 | |
Oracle WebLogic Server | <=10.3 | |
BEA Weblogic Server | =5.1-sp1 | |
BEA Weblogic Server | =6.1-sp8 | |
BEA Weblogic Server | =7.0-sp6 | |
BEA Weblogic Server | =7.0-sp3 | |
BEA Weblogic Server | =8.1-sp5 | |
BEA Weblogic Server | =8.1-sp3 | |
BEA Weblogic Server | =7.0-sp2 | |
BEA Weblogic Server | =9.0-ga | |
BEA Weblogic Server | =3.1.8 | |
BEA Weblogic Server | =9.0-sp5 | |
BEA Weblogic Server | =4.5.1-sp15 | |
BEA Weblogic Server | =9.0-sp2 | |
BEA Weblogic Server | =5.1-sp6 | |
BEA Weblogic Server | =4.5 | |
BEA Weblogic Server | =7.0-sp5 | |
BEA Weblogic Server | =9.1 | |
BEA Weblogic Server | =6.1-sp1 | |
BEA Weblogic Server | =10.0 | |
BEA Weblogic Server | =6.0 | |
Bea Systems Weblogic Server | =10.0_mp1 | |
BEA Weblogic Server | =9.2-mp1 | |
BEA Weblogic Server | =5.1-sp4 | |
BEA Weblogic Server | =5.1-sp3 | |
BEA Weblogic Server | =6.0-sp6 | |
BEA Weblogic Server | =5.1-sp8 | |
BEA Weblogic Server | =8.1-sp2 | |
BEA Weblogic Server | =5.1-sp13 | |
BEA Weblogic Server | =5.1-sp10 | |
BEA Weblogic Server | =6.1 | |
BEA Weblogic Server | =6.0-sp1 | |
BEA Weblogic Server | =7.0.0.1 | |
BEA Weblogic Server | =5.1-sp5 | |
BEA Weblogic Server | =5.1-sp9 | |
BEA Weblogic Server | =7.0-sp1 | |
BEA Weblogic Server | =7.0.0.1-sp2 | |
BEA Weblogic Server | =8.1-sp6 | |
BEA Weblogic Server | =4.0.4 | |
BEA Weblogic Server | =8.1-sp1 | |
BEA Weblogic Server | =8.1-sp4 | |
BEA Weblogic Server | =6.1-sp2 | |
BEA Weblogic Server | =9.0-sp4 | |
BEA Weblogic Server | =6.1-sp7 | |
BEA Weblogic Server | =4.5.2-sp2 | |
BEA Weblogic Server | =9.1-ga | |
BEA Weblogic Server | =7.0.0.1-sp3 | |
BEA Weblogic Server | =5.1-sp7 | |
Bea Systems Apache Connector In Weblogic Server | ||
BEA Weblogic Server | =4.0 | |
BEA Weblogic Server | =5.1-sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.