Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WebLogic Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability - CVE-2018-1324 - Vulnerability Database
WebLogic

WebLogic Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability - CVE-2018-1324

Medium
Reference: CVE-2018-1324
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-1324
Title: WebLogic Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability
Overview:

A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress39 extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress39 zip package.