Oracle broke its regular patch release cycle on Wednesday to issue a patch for a vulnerability in WebLogic that has become the target of hacker attacks over recent days.

Multiple versions of Oracle (formerly BEA) WebLogic application server software are affected by a buffer overflow flaw involving the Apache plug-in component of the enterprise package. Oracle issued workarounds last week soon after the flaw became the target of active exploits. The flaw creates a means to crash or, in the worst case, inject hostile code into vulnerable systems.