The emergency workaround, available here, addresses an unpatched vulnerability that's remotely exploitable without authentication (no username and password required to exploit over the network) and can result in compromising the confidentiality, integrity, and availability of the targeted system.
Oracle's Eric Maurice says the vulnerability carries a CVSS Base Score of 10.0, the maximum severity rating.
This IBM ISS alert provides some technical details:
Oracle WebLogic Server (formerly known as BEA WebLogic Server) is vulnerable to a buffer overflow, caused by improper bounds checking by the Apache Connector. By sending a specially-crafted HTTP POST request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.