CVE-2005-4751

Name of the Vulnerable Software and Affected Versions BEA WebLogic Server and WebLogic Express versions 6.1 SP7 and earlier BEA WebLogic Server and WebLogic Express versions 7.0 SP6 and earlier BEA WebLogic Server and WebLogic Express versions 8.1 SP4 and earlier BEA WebLogic Server and WebLogic Express version 9.0

Description The issue allows remote attackers to inject arbitrary web script or HTML, potentially gaining administrative privileges. The exact attack vectors are not specified.

Recommendations For BEA WebLogic Server and WebLogic Express versions 6.1 SP7 and earlier, update to a version later than 6.1 SP7 to resolve the issue. For BEA WebLogic Server and WebLogic Express versions 7.0 SP6 and earlier, update to a version later than 7.0 SP6 to resolve the issue. For BEA WebLogic Server and WebLogic Express versions 8.1 SP4 and earlier, update to a version later than 8.1 SP4 to resolve the issue. For BEA WebLogic Server and WebLogic Express version 9.0, update to a version later than 9.0 to resolve the issue.