Insecure Exception Handling in BEA WebLogic Server and WebLogic Express

Insecure Exception Handling in BEA WebLogic Server and WebLogic Express

CVE-2005-1743 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 does not properly handle when a security provider throws an exception, which may cause WebLogic to use incorrect identity for the thread, or to fail to audit security exceptions.

Learn more about our Web App Pen Testing.