Oracle.WebLogic.Server.Plug-ins.Certificate.Buffer.Overflow
Description
This indicates an attack attempt against a buffer-overflow vulnerability in BEA WebLogic Server Plugins.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted certificate. It allows a remote attacker to inject arbitrary code.
Affected Products
Oracle WebLogic Server 10.3
Oracle WebLogic Server 10.0 released through MP1
Oracle WebLogic Server 9.2 released through MP3
Oracle WebLogic Server 9.1
Oracle WebLogic Server 9.0
Oracle WebLogic Server 8.1 released through SP6
Oracle WebLogic Server 7.0 released through SP7
Impact
System compromise
Recommended Actions
Apply the patch supplied by the vendor:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-22 | 16.984 | Name:Oracle. BEA. WebLogic. Server. Plug-ins. Certificate. Buffer. Overflow:Oracle. WebLogic. Server. Plug-ins. Certificate. Buffer. Overflow |