A hacker published an exploit which can cause a buffer overflow in Oracle WebLogic last week. There is no patch yet but until there is, a workaround has been provided to reduce the risk. The database giant has not stated when a patch will be available to fix the problem. Oracle assigns the problem the highest score of 10 in the CVSS security rating scheme but it is silent on KingCopes claim that the hole allows code to be injected. The last patch day was two weeks ago and provided 45 security patches.”]
Source: http://www.h-online.com/security/news/item/Oracle-warns-of-WebLogic-exploit-736681.html