Oracle Security Alert for CVE-2008-3257 Description This Security Alert addresses the security issue CVE-2008-3257, a vulnerability in the Apache Connector component (mod_weblogic) of the Oracle Weblogic Server (formerly BEA WebLogic Server). This vulnerability may be remotely exploitable without authentication, i.e. it may be exploited over a network without the need for a username and password. A knowledgeable and malicious remote user can exploit this vulnerability with resulting availability, integrity and confidentiality impact. For More Information: Workaround instructions are posted at: https://support.bea.com/application_content/product_portlets/securityadvisories/3257.html The Security Alert for this vulnerability is posted at: http://www.oracle.com/technology/deploy/security/alerts/alert_cve2008-3257.html Oracle Software Security Assurance web site is located at: http://www.oracle.com/security/software-security-assurance.html Critical Patch Updates & Security Alerts web site is located at: http://www.oracle.com/technology/deploy/security/alerts.htm