"Researchers Warn of Unpatched Vulnerability in Oracle WebLogic Server"

Attackers' scans for the presence of a vulnerability in Oracle WebLogic servers have been detected by several security companies. According to researchers, the vulnerability that has not yet been patched is a deserialization bug that can be exploited by attackers to remotely execute code. Serialization refers to the process in which data is converted to a binary format in order for the data to be transmitted over the network safely. The process of deserialization coverts the serialized data back to its original format. This article continues to discuss the discoveries surrounding this vulnerability and the blacklist approach to fixing vulnerabilities.   

CSO Online reports "Researchers Warn of Unpatched Vulnerability in Oracle WebLogic Server