Lucene search

K
cveMitreCVE-2000-1235
HistoryJul 14, 2005 - 4:00 a.m.

CVE-2000-1235

2005-07-1404:00:00
mitre
web.nvd.nist.gov
34
4
oracle
ias
database security
unauthorized access
cve-2000-1235
remote attackers
http requests.

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

8.7

Confidence

High

EPSS

0.063

Percentile

93.8%

The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.

Affected configurations

Nvd
Node
oracleapplication_serverRange3.0.7
VendorProductVersionCPE
oracleapplication_server*cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*

Social References

More

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

8.7

Confidence

High

EPSS

0.063

Percentile

93.8%

Related for CVE-2000-1235