CVE-2005-4760 Information

Description

BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier and 7.0 SP5 and earlier when fullyDelegatedAuthorization is enabled for a servlet does not cause servlet deployment to fail when failures occur in authorization or role providers which might prevent the servlet from being \fully protected.\

Reference

http://dev2dev.bea.com/pub/advisory/151 http://secunia.com/advisories/17138 http://www.securityfocus.com/bid/15052