BEA.WebLogic.Server.Double.Dot.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer overflow vulnerability in BEA Systems WebLogic Server.


BEA WebLogic Platform delivers application infrastructure technology in a single, unified, easy-to-use platform for application development, deployment, and management. The vulnerability is exploited by sending a specially crafted URL request to the web server. A handler that processes the URL request contains an unchecked buffer. Exploitation could either crash the server or execute arbitrary code on the system in the security context of the web server.

Affected Products

BEA WebLogic Server for Windows NT prior to V5.1.0 - Service Pack 7

Impact

This vulnerability allows remote attackers to traverse folders and read arbitrary files.

Recommended Actions

Apply appropriate patches or upgrade the system to the latest non-vulnerable version.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-22 16.984 Name:BEA.Weblogic.Double.Dot.Buffer.Overflow:BEA.WebLogic.Server.Double.Dot.Buffer.Overflow