Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Vulnerabilities in webserviceclient+ssl.jar - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Vulnerabilities in webserviceclient+ssl.jar
Hi,

I am using Weblogic server 10.3. While checking for the vulnerabilities in project, came across CVE-2007-0417,CVE-2003-0640,CVE-2001-0098,CVE-2000-0681,CVE-2007-4618,CVE-2007-4617,CVE-2007-0425,CVE-2007-0418,CVE-2007-0408,CVE-2005-4757,CVE-2005-4756 all high vulnerabilities present in webserviceclient+ssl.jar. The description of these vulnerabilities says that they should be present in previous versions of Weblogic and should work fine in 10.3.

I am not sure, may be I have missed something while understanding as I am new to this.
Please suggest me the way to resolve these security concerns.

Thanks in Advance!
Anonymous

Sign Up for Free or Log In to start participating in the conversation!