WebLogic Server Vulnerability in BEA Product Suite by Oracle
CVE-2008-5461

Currently unrated

Key Information:

Vendor: Oracle
Status: Bea Product Suite
Vendor: CVE Published:; 14 January 2009

Summary

An unspecified vulnerability exists within the WebLogic Server component of the BEA Product Suite, allowing remote attackers to potentially compromise confidentiality, integrity, and availability. It is suggested that this issue may be linked to cross-site scripting, according to claims from reliable researchers. This vulnerability affects multiple versions of the BEA Product Suite, and organizations using these versions should ensure they are taking the necessary security precautions.

References

http://secunia.com/advisories/33526

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2009/0115

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1021571

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Jan 14, 2009
Vulnerability Reserved
Dec 11, 2008