Remote Code Execution Vulnerability in Oracle BEA WebLogic Server Plugins
CVE-2008-5457

Currently unrated

Key Information:

Vendor: Oracle
Status: Bea Product Suite
Vendor: CVE Published:; 14 January 2009

Summary

An unspecified vulnerability exists in the Oracle BEA WebLogic Server Plugins for Apache, Sun, and IIS web servers. This issue can be exploited by remote attackers to compromise the confidentiality, integrity, and availability of affected systems. The vulnerability affects multiple versions of the BEA Product Suite, exposing users to significant security risks through unknown attack vectors.

References

http://secunia.com/advisories/33526

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2009/0115

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1021571

vdb-entryx_refsource_SECTRACK

EPSS Score

81% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 14, 2009
Vulnerability Reserved
Dec 11, 2008