The remote Oracle WebLogic server is affected by a remote code execution vulnerability in the WLS Security component due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this to execute arbitrary code on the target host.
Binary data oracle_weblogic_server_cve_2015_4852.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
oracle | weblogic_server | cpe:/a:oracle:weblogic_server |