Lucene search

[email protected]NVD:CVE-2002-1632

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1632

2002-12-3105:00:00

[email protected]

web.nvd.nist.gov

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.1%

JSON

Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2.

Affected configurations

NVD

Node

oracleapplication_serverMatch1.0.2

oracleapplication_serverMatch1.0.2.1s

oracleapplication_serverMatch1.0.2.2

oracleapplication_serverMatch9.0.2.0.0

oracleapplication_serverMatch9.0.2.0.1

References

www.kb.cert.org/vuls/id/717827

www.kb.cert.org/vuls/id/SVIM-576QLZ

www.nextgenss.com/papers/hpoas.pdf

www.oracle.com/technology/deploy/security/pdf/ias_modplsql_alert.pdf

www.securityfocus.com/bid/6556

exchange.xforce.ibmcloud.com/vulnerabilities/8665

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.1%

JSON

Related for NVD:CVE-2002-1632

cve1 cvelist1 openvas2 nessus1