Lucene search
HistoryMar 30, 2004 - 5:00 a.m.
CVE-2004-1877
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.018 Low
EPSS
Percentile
88.4%
The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password.
Affected configurations
Node
oracleapplication_serverMatch1.0.2
ORoracleapplication_serverMatch1.0.2.1s
ORoracleapplication_serverMatch1.0.2.2
ORoracleapplication_serverMatch1.0.2.2.2
ORoracleapplication_serverMatch9.0.2
ORoracleapplication_serverMatch9.0.2.0.0
ORoracleapplication_serverMatch9.0.2.0.1
ORoracleapplication_serverMatch9.0.2.1
ORoracleapplication_serverMatch9.0.2.2
ORoracleapplication_serverMatch9.0.2.3
ORoracleapplication_serverMatch9.0.3
ORoracleapplication_serverMatch9.0.3.1
ORoraclehttp_serverMatch8.1.7
ORoraclehttp_serverMatch9.0.1
ORoraclehttp_serverMatch9.2.0
Related
cve
cve
CVE-2004-1877
2005-05-10 04:00:00
cvelist
cvelist
CVE-2004-1877
2005-05-10 04:00:00
nessus
nessus
Oracle Application Server Multiple Vulnerabilities
2012-01-24 00:00:00
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.018 Low
EPSS
Percentile
88.4%
Related for NVD:CVE-2004-1877