Stack overflow

2008-07-2216:41:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

0.94 High

EPSS

Percentile

99.2%

JSON

Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after “POST /.jsp” in an HTTP request.

CPENameOperatorVersion
weblogic_servereq7.0.0.1 sp4
weblogic_servereq6.1 sp4
weblogic_servereq4.5.2 sp1
weblogic_servereq4.5.1
weblogic_servereq7.0 sp7
weblogic_servereq9.2 mp2
weblogic_servereq8.1
weblogic_servereq6.1 sp5
weblogic_servereq4.5.2
weblogic_servereq9.0

Name	Operator	Version
weblogic_server	eq	7.0.0.1 sp4
weblogic_server	eq	6.1 sp4
weblogic_server	eq	4.5.2 sp1
weblogic_server	eq	4.5.1
weblogic_server	eq	7.0 sp7
weblogic_server	eq	9.2 mp2
weblogic_server	eq	8.1
weblogic_server	eq	6.1 sp5
weblogic_server	eq	4.5.2
weblogic_server	eq	9.0