DarkFiber Consulting – IT Managed Services

Oracle Releases Patch for WebLogic Plug-in Vulnerability

August 6th, 2008 . by DarkFiber Consulting

Oracle has released a patch to address a previously disclosed vulnerability in the WebLogic plug-in for Apache. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users to consider applying the patch and workarounds referenced in the Oracle Security Advisory and in Vulnerability Note VU#716387.

Oracle Releases Security Advisory for WebLogic Plug-in Vulnerability

July 29th, 2008 . by DarkFiber Consulting

Oracle has released a Security Advisory to address a vulnerability in the WebLogic plug-in for Apache. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to compromise the confidentiality or integrity of WebLogic Server applications or cause a denial-of-service condition. The advisory indicates that exploit code for this vulnerability is publicly available.

DarkFiber Consulting encourages users to review the Oracle Security Advisory and implement the workarounds listed in the document to help mitigate the risks. At this time, a patch or update is not available.

DarkFiber Consulting will provide additional information as it becomes available.