BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a long role description, which might allow remote authenticated users to access privileged resources.
https://exchange.xforce.ibmcloud.com/vulnerabilities/34285
http://www.vupen.com/english/advisories/2007/1815
http://www.securitytracker.com/id?1018060