CVE-2002-0947

Опубликовано: 04 окт. 2002

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter.

Ссылки

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0097.html
http://online.securityfocus.com/archive/1/276524
http://technet.oracle.com/deploy/security/pdf/reports6i_alert.pdf
http://www.iss.net/security_center/static/9289.php
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/997403
Patch
Third Party Advisory
US Government Resource
http://www.nextgenss.com/vna/ora-reports.txt
http://www.securityfocus.com/bid/4848
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0097.html
http://online.securityfocus.com/archive/1/276524
http://technet.oracle.com/deploy/security/pdf/reports6i_alert.pdf
http://www.iss.net/security_center/static/9289.php
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/997403
Patch
Third Party Advisory
US Government Resource
http://www.nextgenss.com/vna/ora-reports.txt
http://www.securityfocus.com/bid/4848
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:reports:6.0.8:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.08591

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-c7c6-jrm9-fh57

github

почти 4 года назад