CVE-2003-1438

Name of the Vulnerable Software and Affected Versions BEA WebLogic Server and Express versions 5.1 through 7.0.0.1

Description A race condition issue exists when using in-memory session replication or replicated stateful session beans. This could cause the same buffer to be provided to two users, potentially allowing one user to see session data intended for another user.

Recommendations For versions 5.1 through 7.0.0.1, consider disabling in-memory session replication or replicated stateful session beans as a temporary workaround until a patch is available. Restrict access to sensitive session data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.