CVE-2006-0429
BEA WebLogic Server and WebLogic Express 9.0 are the affected products. The vulnerability arises because new security providers can appear active even if they have not been activated by a server reboot, potentially leading an administrator to perform inappropriate, security‑relevant actions. The ...