• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

BEA Multiple Products Multiple Vulnerabilities

References:

• BEA Security Advisory BEA07-156.00-Inadvertent corruption of WebLogic Portal ent (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-157.00 (Security Advisories and Notifications) (Bea Systems )
  
• Weblogic (BEA Systems)
  
• WebLogic Portal Product Page (BEA Systems)
  
• WebLogic Server Product Homepage (Oracle)
  
• BEA Security Advisory BEA07-134.00 (SSL libraries may be vulnerable to unauthori (BEA Systems Inc)
  
• BEA Security Advisory BEA07-135.00 (Certificate validation condition in WebLogic (BEA Systems Inc)
  
• BEA Security Advisory BEA07-136.00 (JDBCDataSourceFactory MBean password field n (BEA Systems Inc)
  
• BEA Security Advisory BEA07-137.00 (Incorrect thread management may lead to serv (BEA Systems Inc)
  
• BEA Security Advisory BEA07-138.00 (Problem with certificate validation on WebLo (BEA Systems Inc)
  
• BEA Security Advisory BEA07-139.00 (Application files are exposed when deploying (BEA Systems Inc)
  
• BEA Security Advisory BEA07-140.00 (Sensitive attributes may be stored in clear- (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-141.00 (Socket muxer threads may block when processi (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-142.00 (Dynamic updates to applications deployed as (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-143.00 (WS-Security runtime fails to enforce decrypt (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-144.00 (Some EJB calls can be unintentionally execut (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-145.00 (Permissions on EJB methods with array parame (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-146.00 (Denial-of-service vulnerability in the proxy (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-147.00 (Malformed HTTP requests may reveal data from (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-148.00 (Malformed headers may cause high disk consum (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-149.00 (Security policy changes may not be seen by m (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-150.00 (A Denial of Service attack is possible again (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-151.00 (Inadvertent removal of access restrictions) (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-152.00 (Multiple vulnerabilities in WebLogic Server (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-153.00 ( Audit events may be posted with incorrect s (BEA Systems Inc. )
  
• BEA Security Advisory BEA07-154.00 (Upgrade and patch are available to disable u (BEA Systems Inc. )
  
• Security Advisory: (BEA07-148.01) (BEA Systems)