Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
AV:N/AC:L/Au:N/C:C/I:C/A:CBea Weblogic Server
APPBea10.03.1.84.04.0.44.54.5.14.5.25.16.06.17.07.0.0.18.19.09.1+ 1 więcejBea Systems Apache Connector In Weblogic Server
APPBea Systemswszystkie wersjeBea Systems Weblogic Server
APPBea Systems10.0_mp1Oracle Weblogic Server
APPOracle≤ 10.3
Related vulnerabilities
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supporte...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supporte...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported v...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported v...