|
|
CVE Reference: CVE-2005-4705 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-4705 |
|
|
Description: BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7, when a Java client application creates an SSL connection to the server after it has already created an insecure connection, will use the insecure connection, which allows remote attackers to sniff the connection. |
|
|
CVE Status: Candidate |
|
|
References: OSVDB 20095 BEA http://dev2dev.bea.com/pub/advisory/141 |
|
| Return to the previous page. |
