Oracle Security Alert for CVE-2008-3257
This Security Alert addresses the security issue CVE-2008-3257, a vulnerability in the Apache Connector component (mod_weblogic) of the Oracle Weblogic Server (formerly BEA WebLogic Server). This vulnerability may be remotely exploitable without authentication, i.e. it may be exploited over a network without the need for a username and password. A knowledgeable and malicious remote user can exploit this vulnerability with resulting availability, integrity and confidentiality impact.
Supported Products and Components Affected
Patches for this vulnerability can be found at the following:
Oracle strongly recommends that you backup and comprehensively test the stability of your system upon application of any patch or workaround prior to deleting any of the original file(s) that are replaced by a patch or workaround.
Oracle recommends that patches be applied rather than workarounds. Workarounds published by Oracle before patches were made available can be found at: