Oracle Application Server version 1.0.2 : Security vulnerabilities, CVEs directory traversal published in 2001

cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*

CVE-2001-1217

Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.

Max CVSS

5.0

EPSS Score

41.34%

Published

2001-12-21

Updated

2008-09-05

CVE-2001-0591

Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack.

Max CVSS

7.5

EPSS Score

0.64%

Published

2001-08-22

Updated

2018-05-03

2 vulnerabilities found

Oracle » Application Server » 1.0.2 : Security Vulnerabilities, CVEs, Published In 2001 (Directory traversal)

CVE-2001-1217

CVE-2001-0591