Integer Overflow Vulnerability in Oracle BEA WebLogic Server Products
CVE-2009-1012

Currently unrated

Key Information:

Vendor
Oracle
CVE Published:
15 April 2009

Summary

An unspecified vulnerability affects several versions of Oracle BEA WebLogic Server, allowing remote attackers to exploit a potential integer overflow associated with an HTTP request parsing plugin. This may lead to heap-based buffer overflows, posing risks to confidentiality, integrity, and availability of the affected systems. Users of impacted versions should assess their security and apply necessary patches or mitigations to safeguard their environments.

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
