BEA WebLogic Server and Express 6.1 up to and including 7.0.0.1 buffers HTTP requests in a way that can cause BEA to send the same response for two different HTTP requests, which could allow remote malicious users to obtain sensitive information that was intended for other users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bea weblogic server 6.1 |
||
bea weblogic server 7.0 |
||
bea weblogic server 7.0.0.1 |