Welcome to WebmasterWorld Guest from 18.205.176.85

Forum Moderators: open

Oracle Security Alert Oracle's WebLogic Server, Patches Released

     
12:05 pm on Jun 20, 2019 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:26474
votes: 1080


Oracle has issued a security advisory over a vulnerability via XMLDecoder in Oracle's WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, and issued out-of-band security patches.

This Security Alert addresses CVE-2019-2729, a deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services. This remote code execution vulnerability is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.


You can pick up the patch details on the link here
[oracle.com...]