BEA.WebLogic.Server.Double.Dot.Buffer.Overflow
Description
This indicates a potential buffer overflow exploit against BEA Systems WebLogic Server.
BEA WebLogic Platform delivers application infrastructure technology in a single, unified, easy-to-use platform for application development, deployment, and management. The vulnerability is triggered when a specially crafted URL request is sent to the web server. An unchecked buffer exists in a handler that processes the URL request. Exploitation could either crash the server or execute arbitrary code on the system in the security context of the web server.
Affected Products
BEA WebLogic Server for Windows NT prior to V5.1.0 - Service Pack 7
Impact
This vulnerability allows remote attackers to traverse folders and read arbitrary files.
Recommended Actions
Apply appropriate patches or upgrade the system to the latest non-vulnerable version.
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-22 | 16.984 | Name:BEA.Weblogic.Double.Dot.Buffer.Overflow:BEA.WebLogic.Server.Double.Dot.Buffer.Overflow |