BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 does not properly handle when a security provider throws an exception, which may cause WebLogic to use incorrect identity for the thread, or to fail to audit security exceptions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle weblogic portal 8.0 |
||
bea weblogic server 6.0 |
||
bea weblogic server 6.1 |
||
bea weblogic server 7.0.0.1 |
||
bea weblogic server 7.0 |
||
bea weblogic server 8.1 |