Lucene search

[email protected]NVD:CVE-2004-0385

HistoryJun 01, 2004 - 4:00 a.m.

CVE-2004-0385

2004-06-0104:00:00

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.14 Low

EPSS

Percentile

95.7%

JSON

Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple “vulnerabilities.”

Affected configurations

NVD

Node

oracleapplication_server_web_cacheMatch9.0.0.4.0

oracleapplication_server_web_cacheMatch9.0.2.3.0

oracleapplication_server_web_cacheMatch9.0.3.1.0

oracleapplication_server_web_cacheMatch9.0.4.0.0

oraclee-business_suiteMatch11i

References

archives.neohapsis.com/archives/vulnwatch/2004-q1/0078.html

marc.info/?l=bugtraq&m=107945649127635&w=2

marc.info/?l=bugtraq&m=108144419001770&w=2

otn.oracle.com/deploy/security/pdf/2004alert66.pdf

secunia.com/advisories/11118

www.inaccessnetworks.com/ian/services/secadv01.txt

www.kb.cert.org/vuls/id/413006

www.osvdb.org/4249

www.securityfocus.com/bid/9868

exchange.xforce.ibmcloud.com/vulnerabilities/15463

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.14 Low

EPSS

Percentile

95.7%

JSON

Related for NVD:CVE-2004-0385

cve1 nessus1 cert1 cvelist1 securityvulns1