فا

‫ Oracle WebLogic Server WLS Security Vulnerability

IRCAD2014043258

Number: IRCAD2014043258
Date: 2014/04/16

Criticality level: Highly critical

Software:

Oracle WebLogic Server 10.x

Oracle WebLogic Server 12.x

Description

A vulnerability has been reported in Oracle WebLogic Server, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an unspecified error within the "WLS Security" sub-component, which can be exploited to take over the server and subsequently e.g. execute arbitrary code.

The vulnerability is reported in versions 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0.

Solution:

Apply updates (please see the vendor's advisory for details).

Resources:

Oracle:
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixFMW

secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

مشخصات خبر

 
تاریخ ایجاد: 30 فروردین 1393

امتیاز

امتیاز شما
تعداد امتیازها: 0