CVE-2003-1224 Information

Description

Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext which allows attackers to read a user’s password by physically observing (\shoulder surfing) the screen.

Reference

http://dev2dev.bea.com/pub/advisory/22 http://www.securityfocus.com/bid/7563