CVE-2007-2703

Name of the Vulnerable Software and Affected Versions BEA WebLogic Portal version 9.2 GA

Description The issue allows remote authenticated users to potentially access privileged resources due to a corruption of visitor entitlements roles. This occurs when an administrator provides a long role description.

Recommendations For BEA WebLogic Portal version 9.2 GA, consider restricting the length of role descriptions provided by administrators to prevent corruption of visitor entitlements roles. As a temporary workaround, limit the access to privileged resources until a more permanent solution is available.