Oracle.WebLogic.Server.Apache.Connector.Buffer.Overflow
Description
This indicates an attack attempt against a buffer-overflow vulnerability in Oracle BEA WebLogic Server Apache Connector.
The vulnerability is caused by a boundary error when the Apache connector handles a specially crafted HTTP request, that could lead to denial of service.
Affected Products
Oracle WebLogic Server (formerly BEA WebLogic Server) 10.0 through MP1
Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 GA
Oracle WebLogic Server (formerly BEA WebLogic Server) 9.0 GA
Oracle WebLogic Server (formerly BEA WebLogic Server) 9.1 GA
Oracle WebLogic Server (formerly BEA WebLogic Server) 9.2 through MP3
Oracle WebLogic Server (formerly BEA WebLogic Server) 8.1 through SP6
Oracle WebLogic Server (formerly BEA WebLogic Server) 7.0 through SP7
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 10.0 through MP1
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 10.2 GA
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 10.3 GA
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 9.2 through MP3
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 8.1 through SP6
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the patch, available from the website:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-22 | 16.984 | Name:Oracle. BEA. WebLogic. Server. Apache. Connector. Buffer. Overflow:Oracle. WebLogic. Server. Apache. Connector. Buffer. Overflow |