Unrated severityNVD Advisory· Published Dec 31, 2003· Updated Jun 16, 2026
CVE-2003-1438
CVE-2003-1438
Description
Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, when using in-memory session replication or replicated stateful session beans, causes the same buffer to be provided to two users, which could allow one user to see session data that was intended for another user.
Affected products
7cpe:2.3:a:bea:weblogic_server:5.1:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:bea:weblogic_server:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:bea:weblogic_server:7.0.0.1:*:*:*:*:*:*:*
- (no CPE)range: 5.1 - 7.0.0.1
- Range: 5.1 - 7.0.0.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.