Lucene search
HistoryJul 17, 2005 - 4:00 a.m.
CVE-2004-2244
cve-2004-2244
oracle
9i application server
database server
xml parser
denial of service
cpu consumption
memory consumption
soap message
nvd
8.5 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.018 Low
EPSS
Percentile
88.0%
The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD.
Affected configurations
Node
oracleapplication_serverMatch1.0.2.2
ORoracleapplication_serverMatch1.0.2.2.2
ORoracleapplication_serverMatch9.0.3
ORoracleapplication_serverMatch9.0.3.1
ORoracleoracle9iMatchenterprise_9.0.1.4
ORoracleoracle9iMatchenterprise_9.2.0.1
ORoracleoracle9iMatchenterprise_9.2.0.2
ORoracleoracle9iMatchpersonal_9.0.1.4
ORoracleoracle9iMatchpersonal_9.2.0.1
ORoracleoracle9iMatchpersonal_9.2.0.2
ORoracleoracle9iMatchstandard_9.0.1.4
ORoracleoracle9iMatchstandard_9.2.0.1
ORoracleoracle9iMatchstandard_9.2.0.2
Related
cvelist
cvelist
CVE-2004-2244
2005-07-17 04:00:00
nessus
nessus
Oracle Multiple Products SOAP Message Crafted DTD Remote DoS
2004-02-21 00:00:00
Oracle Application Server Multiple Vulnerabilities
2012-01-24 00:00:00
nvd
nvd
CVE-2004-2244
2004-12-31 05:00:00
8.5 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.018 Low
EPSS
Percentile
88.0%
Related for CVE-2004-2244