Stack-based Buffer Overflow Vulnerability in WebLogic Server by BEA Systems
CVE-2009-1016

Currently unrated

Key Information:

Vendor: Oracle
Status: Bea Product Suite
Vendor: CVE Published:; 15 April 2009

Summary

A buffer overflow vulnerability exists in the WebLogic Server component of BEA Product Suite affecting multiple versions. This flaw enables remote authenticated users to potentially manipulate the server's confidentiality, integrity, and availability. A notable concern arises from claims that this vulnerability may involve a stack-based buffer overflow triggered by a crafted SSL certificate and an unspecified server plug-in. Organizations using affected versions should immediately assess their environments to mitigate potential risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/64934

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1022059

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/34461

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 15, 2009
Vulnerability Reserved
Mar 19, 2009