VULHUB ™

Input validation issues have been reported in a WebLogic internal servlet that is used by the web management interface. Unauthenticated users may exploit these issues in the internal servlet to upload malicious files to a host running the vulnerable software or disclose the contents of sensitive files. This could result in execution of arbitrary commands or other attacks. These issues were reported to affect BEA WebLogic Server. BEA WebLogic Express may also be affected, so users of WebLogic Express are also advised to apply the provided patches.

Input validation issues have been reported in a WebLogic internal servlet that is used by the web management interface. Unauthenticated users may exploit these issues in the internal servlet to upload malicious files to a host running the vulnerable software or disclose the contents of sensitive files. This could result in execution of arbitrary commands or other attacks. These issues were reported to affect BEA WebLogic Server. BEA WebLogic Express may also be affected, so users of WebLogic Express are also advised to apply the provided patches.