Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, when using in-memory session replication or replicated stateful session beans, causes the same buffer to be provided to two users, which could allow one user to see session data that was intended for another user.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:47
Type | Values Removed | Values Added |
---|---|---|
References | () http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-26.01.jsp - Patch | |
References | () http://www.securityfocus.com/bid/6717 - | |
References | () http://www.securitytracker.com/id?1006018 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/11221 - |
Information
Published : 2003-12-31 05:00
Updated : 2024-11-20 23:47
NVD link : CVE-2003-1438
Mitre link : CVE-2003-1438
CVE.ORG link : CVE-2003-1438
JSON object : View
Products Affected
bea
- weblogic_server
CWE
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')