Threat Level: green Handler on Duty: Yee Ching Tok

SANS ISC: Oracle WebLogic Server: CVE-2015-4852 patched SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Oracle WebLogic Server: CVE-2015-4852 patched

Lost in the hoopla around Microsoft and Adobe patch Tuesday was a critical patch released by Oracle which addressed CVE-2015-4852. CVE-2105-4852 is a critical vulnerability in Apache Commons which affects Oracle WebLogic Server.  This vulnerability permits remote exploitation without authentication and should be patched as soon as practical. 

More information can be found at the Oracle Blog.

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - - Twitter:namedeplume (Protected)


324 Posts
ISC Handler
Nov 12th 2015
I think initial posting has been

Mass scanner for the Java serialize bug

Sign Up for Free or Log In to start participating in the conversation!