Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (July 2014 CPU)

The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities in relation to the Oracle WebLogic plugins. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid76618;...

CVE-2014-4251

CVE-2014-4251 is tied to Oracle Fusion Middleware’s Oracle HTTP Server; the vulnerability affects the Oracle HTTP Server component in versions 11.1.1.7.0 and 12.1.2.0 via the Oracle WebLogic plugins and is described as an unspecified issue that could affect integrity when accessed by remote authe...

Oracle HTTP Server - XSS Header Injection

No description provided by source. --------------------------------------------------------------------------------------------------------- Oracle HTTP Server XSS Header Injection --------------------------------------------------------------------------------------------------------- Attack...

Oracle HTTP Server 8.1.7/9.0.1/9.2 isqlplus Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9484/info Oracle HTTP Server is reportedly prone to a cross-site scripting issue. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If this link...

Oracle HTTP Server (January 2007 CPU)

According to its banner, the version of Oracle HTTP Server installed on the remote host is potentially affected by multiple vulnerabilities. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17730; scriptcvsdate"Date: 2018/11/15 20:50:25"; scriptversion"1.6";...

Oracle HTTP Server (January 2006 CPU)

According to its banner, the version of Oracle HTTP Server installed on the remote host is potentially affected by multiple vulnerabilities : - An unspecified information disclosure issue exists. CVE-2006-0286 - An unspecified error can allow denial of service attacks. CVE-2006-0287 C Tenable...

Oracle HTTP Server Version

The remote host is running the Oracle HTTP Server, a proprietary web server. It was possible to read the version number from the banner. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid56876; scriptversion"1.2"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Orac...

Oracle HTTP Server (October 2006 CPU)

According to its banner, the version of Oracle HTTP Server installed on the remote host is potentially affected by multiple vulnerabilities. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17731; scriptcvsdate"Date: 2018/11/15 20:50:25"; scriptversion"1.9"; scriptcvei...

Oracle Database Multiple Vulnerabilities (October 2005 CPU)

The remote Oracle database server is missing the October 2005 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Change Data Capture - Data Guard Logical Standby - Data Pump Export - Database Scheduler - Export - Locale - Materialize...

Oracle Releases Security Alert for Oracle HTTP Server Products

Oracle has released a security alert to address a vulnerability in Apache HTTPD. This vulnerability affects: Oracle Fusion Middleware 11g Release 1, versions 11.1.1.3.0, 11.1.1.4.0, 11.1.1.5.0 Oracle Application Server 10g Release 3, version 10.1.3.5.0 Oracle Application Server 10g Release 2,...

Oracle HTTP Server 'Expect' Header Cross-Site Scripting Vulnerability

Oracle HTTP Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle HTTP Server 'Expect' Header Cross-Site Scripting Vulnerability

This host is running Oracle HTTP Server and is prone to cross site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodoraclehttpserverxssheaderinjectionvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ Oracle HTTP Server 'Expect' Header Cross-Site Scripting Vulnerability Authors: Sooraj KS...

Design/Logic Flaw

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.2.3 allows remote attackers to affect integrity via unknown vectors...

CVE-2010-4455

CVE-2010-4455 describes an unspecified vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware 11.1.1.2/11.1.1.3 that could allow remote attackers to affect confidentiality and integrity via unknown vectors related to the Apache Plugin. The NVD entry lists a CVSSv2 base scor...

Oracle HTTP Server mod_access Restriction Bypass (CVE-2005-1383)

The Oracle HTTP Server OHS is bundled with recent Oracle Database Server releases 8.1.7 and above, 9i and10g. The OHS is provided to enable the distribution of applications over the web. The OHS is derivative of the Apache HTTP server project, and enhanced with a set of Oracle extensions. There...

Buffer overflow

Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN01. NOTE: as of 2007012...

Design/Logic Flaw

Multiple unspecified vulnerabilities in Oracle HTTP Server 9.2.0.8 and Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, aka 1 OHS01, 2 OHS02, 3 OHS05, 4 OHS06, and 5 OHS07...

Design/Logic Flaw

Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN02...

CVE-2007-0280

Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN01. NOTE: as of 2007012...

CVE-2007-0279

Multiple unspecified vulnerabilities in Oracle HTTP Server 9.2.0.8 and Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors, aka 1 OHS01, 2 OHS02, 3 OHS05, 4 OHS06, and 5 OHS07...