漏洞信息详情
BEA Systems WebLogic Server和Express会话共享漏洞
- CNNVD编号:CNNVD-200312-198
- 危害等级: 中危
![图片[1]-BEA Systems WebLogic Server和Express会话共享漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-17/30f462579bec41fc25e0b1d57503e6d6.png)
- CVE编号:
CVE-2003-1438
- 漏洞类型:
竞争条件
- 发布时间:
2003-12-31
- 威胁类型:
远程
- 更新时间:
2003-12-31
- 厂 商:
bea - 漏洞来源:
Reported in a BEA … -
漏洞简介
BEA WebLogic Server和Express 5.1到7.0.0.1版本存在竞争条件错误漏洞,在使用内存会话复制或复制有状态会话bean时,会向两个用户提供同一个缓冲器,用户利用该漏洞可能可以看到另一个用户的会话数据。
漏洞公告
An Updated BEA advisory (BEA03-26.01) containing fix details that address this issue has been released.
Fixes are available:
BEA Systems Weblogic Server 5.1 SP 13
-
BEA Systems CR094773_510sp13.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_510sp13.jar
BEA Systems WebLogic Express 5.1 SP 13
-
BEA Systems CR094773_510sp13.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_510sp13.jar
BEA Systems WebLogic Server for Win32 5.1 SP 13
-
BEA Systems CR094773_510sp13.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_510sp13.jar
BEA Systems Weblogic Server 6.0 SP 2
-
BEA Systems CR094773_60sp2rp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_60sp2rp3.jar
BEA Systems WebLogic Express 6.0 SP 2
-
BEA Systems CR094773_60sp2rp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_60sp2rp3.jar
BEA Systems WebLogic Express for Win32 6.0 SP 2
-
BEA Systems CR094773_60sp2rp3.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_60sp2rp3.jar
BEA Systems WebLogic Server for Win32 6.1 SP 4
-
BEA Systems CR094773_61sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_61sp4.jar
BEA Systems WebLogic Express for Win32 6.1 SP 4
-
BEA Systems CR094773_61sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_61sp4.jar
BEA Systems Weblogic Server 6.1 SP 4
-
BEA Systems CR094773_61sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_61sp4.jar
BEA Systems WebLogic Express 6.1 SP 4
-
BEA Systems CR094773_61sp4.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_61sp4.jar
BEA Systems WebLogic Server for Win32 7.0 SP 1
-
BEA Systems CR094773_70sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_70sp1.jar
BEA Systems WebLogic Express 7.0 .0.1 SP 1
-
BEA Systems CR094773_70sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_70sp1.jar
BEA Systems Weblogic Server 7.0 SP 1
-
BEA Systems CR094773_70sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_70sp1.jar
BEA Systems WebLogic Express 7.0 SP 1
-
BEA Systems CR094773_70sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_70sp1.jar
BEA Systems WebLogic Express for Win32 7.0 SP 1
-
BEA Systems CR094773_70sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_70sp1.jar
BEA Systems WebLogic Express for Win32 7.0 .0.1 SP 1
-
BEA Systems CR094773_70sp1.jar
ftp://ftpna.beasys.com/pub/releases/security/CR094773_70sp1.jar
参考网址
来源: BEA
名称: BEA03-26.01
链接:http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-26.01.jsp
来源: XF
名称: weblogic-clustered-race-condition(11221)
链接:http://xforce.iss.net/xforce/xfdb/11221
来源: BID
名称: 6717
链接:http://www.securityfocus.com/bid/6717
来源: SECTRACK
名称: 1006018
链接:http://www.securitytracker.com/id?1006018
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
