Oracle warns over unpatched vuln
Oracle has decided to break its quarterly update release cycle with plans to develop a patch against a zero-day exploit. The planned fix addresses a buffer overflow flaw in Oracle WebLogic Server which creates a means for hackers to plant malware onto targeted systems. By sending a specially-malformed HTTP POST request attackers …
Some bugs are a right bugger of a BOFH if you don't deal with them right.
"By sending a specially-malformed HTTP POST request attackers might be able to assault vulnerable systems without needing either user names or passwords, an alert on the bug by IBM's X-force security division warns."
And then there is also the ZerodDay Opportunist, the Yin of that Negative Yang, who would be into sending especially-informed HTTP POSTs, which may or may not be requests for anything.
Sign up, sign up for The Register's weekly IT security newsletter - click here
Popular Whitepapers
- The Register Buzz Report
Readership perceptions of 25 global IT brands - The Register's Green Computing Debate
An on-demand webcast - Risk and Resilience
The application availability gamble - The Register Guide to iSCSI
A primer on Internet SCSI, a protocol to transport SCSI commands over IP - Register Research on: Application Platforms
The state of play - The Great Virtualization Debate
Practitioner insights into the where, why and how
