Описание
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities."
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- PatchVendor Advisory
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Одно из
EPSS
10 Critical
CVSS2
Дефекты
Связанные уязвимости
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities."
EPSS
10 Critical
CVSS2