Oracle » Application Server Web Cache : Security Vulnerabilities, CVEs, Published In 2002 (Denial of service)
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type.
Max CVSS
5.0
EPSS Score
1.39%
Published
2002-07-03
Updated
2018-05-03
Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a long HTTP request to the plsql module, (3) a long password in the HTTP Authorization, (4) a long Access Descriptor (DAD) password in the addadd form, or (5) a long cache directory name.
Max CVSS
7.5
EPSS Score
3.17%
Published
2002-07-03
Updated
2017-12-19
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters.
Max CVSS
5.0
EPSS Score
2.06%
Published
2002-03-25
Updated
2017-12-19
3 vulnerabilities found