CVE-2007-4613 Information

Description

SSL libraries in BEA WebLogic Server 6.1 Gold through SP7 7.0 Gold through SP7 and 8.1 Gold through SP5 might allow remote attackers to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an error response a different vulnerability than CVE-2006-2461.

Reference

http://dev2dev.bea.com/pub/advisory/201 http://osvdb.org/45838 http://www.securityfocus.com/bid/22082