CVE-2009-1016 Information
Description
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 10.0 MP1 9.2 MP3 9.1 9.0 8.1 SP6 and 7.0 SP7 allows remote authenticated users to affect confidentiality integrity and availability related to IIS. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow involving an unspecified Server Plug-in and a crafted SSL certificate.
Reference
http://secunia.com/secunia_research/2009-23/ http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.securityfocus.com/bid/34461 http://www.securitytracker.com/id?1022059 http://www.us-cert.gov/cas/techalerts/TA09-105A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/64934
Share on: