CVE-2005-4763 Information

Description

BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier 7.0 SP6 and earlier and 6.1 SP7 and earlier when Internet Inter-ORB Protocol (IIOP) is used sometimes include a password in an exception message that is sent to a client or stored in a log file which might allow remote attackers to perform unauthorized actions.

Reference

http://dev2dev.bea.com/pub/advisory/154 http://secunia.com/advisories/17138 http://www.securityfocus.com/bid/15052