Lucene search
RootSSV:4398HistoryNov 04, 2008 - 12:00 a.m.
Oracle WebLogic Apache连接器远程缓冲区溢出漏洞
2008-11-0400:00:00
Root
www.seebug.org
31
0.97 High
EPSS
Percentile
99.7%
CVE(CAN) ID: CVE-2008-4008
WebLogic包含多种应用系统集成方案,包括Server/Express/Integration等。
WebLogic的Apache连接器实现上存在漏洞,模块做处理请求所带的畸形参数时,未进行长度检查就把字符串拷贝到固定长度的栈缓冲区中,远程攻击者可能利用此漏洞触发栈溢出,导致执行任意指令。
Oracle WebLogic Server
Oracle
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html” target=“_blank”>http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2008.html</a>
Related
packetstorm
packetstorm
BEA Weblogic Transfer-Encoding Buffer Overflow
2009-11-26 00:00:00
nessus
nessus
Oracle WebLogic Server mod_wl Invalid Parameter Remote Overflow (1150354)
2008-11-16 00:00:00
prion
prion
Stack overflow
2008-10-14 21:11:00
securityvulns
securityvulns
Oracle WebLogic Apache Connector buffer overflow
2008-11-02 00:00:00
iDefense Security Advisory 10.31.08: Oracle WebLogic Apache Connector
2008-11-02 00:00:00
saint
saint
Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow
2008-10-31 00:00:00
Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow
2008-10-31 00:00:00
Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow
2008-10-31 00:00:00
cve
cve
CVE-2008-4008
2008-10-14 21:11:00
checkpoint_advisories
checkpoint_advisories
Oracle BEA WebLogic Server Apache Connector Buffer Overflow (CVE-2008-4008)
2009-12-17 00:00:00
oracle
oracle
CPUOct2008 Advisory
2008-10-14 00:00:00
CPU Jan 2009
2009-01-13 00:00:00
seebug
seebug
Oracle 2008年10月紧急补丁更新修复多个漏洞
2008-10-20 00:00:00