Security updates for numerous holes in BEA's products
Software vendor BEA has published 28 security advisories concerning holes in its Web server and AquaLogic products that could allow attackers to inject malicious code into a system, cause it to crash, or steal data. Some of the holes can be exploited remotely over local networks or the internet. The following software is affected:
BEA AquaLogic Service Bus 2.0, 2.1, 2.5
BEA AquaLogic Enterprise Security 2.0, 2.1, 2.2
BEA WebLogic Server 6.1, 7.0, 8.1, 9.0, 9.1, 9.2
BEA WebLogic Platform 8.1
BEA WebLogic Server 8.1
BEA JRockit 1.4.2 R4.5 and previous.
Updates have been released to remedy the flaws.
- Security Advisories and Notifications BEA's overview