virus logo Intrusion Prevention

Oracle.WebLogic.Server.Apache.Connector.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a buffer-overflow vulnerability in Oracle BEA WebLogic Server Apache Connector.
The vulnerability is caused by a boundary error when the Apache connector handles a specially crafted HTTP request, that could lead to denial of service.

affected-products-logoAffected Products

Oracle WebLogic Server (formerly BEA WebLogic Server) 10.0 through MP1
Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 GA
Oracle WebLogic Server (formerly BEA WebLogic Server) 9.0 GA
Oracle WebLogic Server (formerly BEA WebLogic Server) 9.1 GA
Oracle WebLogic Server (formerly BEA WebLogic Server) 9.2 through MP3
Oracle WebLogic Server (formerly BEA WebLogic Server) 8.1 through SP6
Oracle WebLogic Server (formerly BEA WebLogic Server) 7.0 through SP7
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 10.0 through MP1
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 10.2 GA
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 10.3 GA
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 9.2 through MP3
Oracle WebLogic Portal (formerly BEA WebLogic Portal) 8.1 through SP6

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the patch, available from the website:

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-22 16.984 Name:Oracle.
BEA.
WebLogic.
Server.
Apache.
Connector.
Buffer.
Overflow:Oracle.
WebLogic.
Server.
Apache.
Connector.
Buffer.
Overflow
ID 17223
Created Feb 19, 2009
Updated Nov 10, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2008-5457
Exploit Prediction Score 96.81%
Default Action drop
Active
Affected OS Windows
Affected App Apache, Oracle