Oracle Security Alert for CVE-2011-5035 was released on January 31st, 2012. Oracle strongly recommends applying Security Alert fixes as soon as possible.
This security alert addresses the security issue CVE-2011-5035, a denial of service vulnerability in Oracle WebLogic Server, Oracle Application Server (OC4J) and Oracle iPlanet Web Server due to hashing collisions. This vulnerability may be remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. A remote user can exploit this vulnerability to affect the system availability.
The Advisory is available at the following location:
Oracle Critical Patch Updates and Security Alerts – http://www.oracle.com/technetwork/topics/security/alerts-086861.html
Oracle Security Alert CVE-2011-5035 – http://www.oracle.com/technetwork/topics/security/alert-cve-2011-5035-1506603.html