BEA WebLogic Server and WebLogic Express 9.0 causes new security providers to appear active even if they have not been activated by a server reboot, which could cause an administrator to perform inappropriate, security-relevant actions.
https://exchange.xforce.ibmcloud.com/vulnerabilities/24298
http://www.vupen.com/english/advisories/2006/0313
http://www.securityfocus.com/bid/16358
http://securitytracker.com/id?1015528