The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded...
9.2AI Score
0.008EPSS
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello...
7.7AI Score
0.018EPSS
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null...
7.5CVSS
7.1AI Score
0.006EPSS
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test...
7.2AI Score
0.003EPSS
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an...
7.2AI Score
0.002EPSS
Format string vulnerability in certain third party modifications to mod_dav for logging bad gateway messages (e.g. Oracle9i Application Server 9.0.2) allows remote attackers to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, which causes the format string...
9.7AI Score
0.023EPSS
Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request...
8AI Score
0.024EPSS
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different...
8.4AI Score
0.971EPSS
IBM Websphere 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with long HTTP headers, such as...
7.7AI Score
0.014EPSS
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear.....
7.6AI Score
0.14EPSS
Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious...
7.1AI Score
0.023EPSS
Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file"....
6.1AI Score
0.016EPSS
The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the...
7.1AI Score
0.001EPSS
Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp...
7.5CVSS
7.6AI Score
0.049EPSS
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and...
9AI Score
0.918EPSS
Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name...
9.6AI Score
0.077EPSS
Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error...
8.8AI Score
0.109EPSS
Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet...
9.1AI Score
0.02EPSS
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing....
8.9AI Score
0.902EPSS
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long...
9.5AI Score
0.005EPSS
rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional...
8.7AI Score
0.015EPSS
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat...
6.8AI Score
0.32EPSS
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary...
9.5AI Score
0.014EPSS
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid...
8.2AI Score
0.066EPSS
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in...
9.6AI Score
0.78EPSS
The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without authentication, including Dynamic Monitoring Services (1) dms0, (2) dms/DMSDump, (3) servlet/DMSDump, (4) servlet/Spy, (5) soap/servlet/Spy, and (6) dms/AggreSpy;...
9AI Score
0.935EPSS
Oracle 9iAS 1.0.2.x compiles JSP files in the _pages directory with world-readable permissions under the web root, which allows remote attackers to obtain sensitive information derived from the JSP code, including usernames and passwords, via a direct HTTP request to...
8.8AI Score
0.015EPSS
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication...
8.8AI Score
0.014EPSS
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD...
9.1AI Score
0.858EPSS
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to...
9.1AI Score
0.781EPSS
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid...
9.2AI Score
0.01EPSS
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual...
8.4AI Score
0.938EPSS
Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a long HTTP request to the...
9.4AI Score
0.032EPSS
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listprint, or (3)...
8.6AI Score
0.85EPSS
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force...
7.2AI Score
0.016EPSS
Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "."...
6.7AI Score
0.021EPSS
An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from...
7.2AI Score
0.001EPSS
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot)...
8.7AI Score
0.413EPSS
IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP...
6.5AI Score
0.0004EPSS
Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help...
9.4AI Score
0.056EPSS
saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand...
6.8AI Score
0.0004EPSS
Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot)...
9AI Score
0.006EPSS
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request"...
6.7AI Score
0.013EPSS
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET...
7.6AI Score
0.018EPSS
Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information in the variables (1) APPL_PHYSICAL_PATH, (2) PATH_TRANSLATED, and (3)...
6.6AI Score
0.004EPSS
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error...
6.5AI Score
0.002EPSS
Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as...
9.7AI Score
0.006EPSS
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK...
6.8AI Score
0.002EPSS
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a denial of service by directly calling the macro.d2w macro with a long string of %0a...
6.8AI Score
0.004EPSS
Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <>...
9.2AI Score
0.012EPSS