漏洞类别:Web server漏洞等级: 
漏洞信息
BEA Systems WebLogic Server is an Enterprise-level Web and wireless application server.
Unchecked buffers exist in a particular handler for URL requests that begin with two dots (..).
漏洞危害
Depending on the data entered into the buffer, WebLogic Server could be forced to crash or arbitrary code could be executed on the system in the security context of the Web server.
If random data was sent to crash the server, then you must restart the application in order to regain normal functionality.
解决方案
BEA Systems has confirmed that the following versions are vulnerable:
- Weblogic 4.5 with Service Pack <= 14
- Weblogic 5.1 with Service Pack <= 6
0day
文章评论