CVE-2007-0279

Technical details about CVE-2007-0279 are not publicly available in the provided connected documents; the materials reference Oracle HTTP Server and related components with unspecified vulnerabilities. Monitor for updates for further specifics.

CVE-2007-0281

Multiple unspecified vulnerabilities in Oracle HTTP Server 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.1, 10.1.2.0.2, 10.1.2.1, and 10.1.3.0; and Collaboration Suite 9.0.4.2 and 10.1.2; have unknown impact and attack vectors related to the Oracle HTT...

CVE-2006-5349

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7, when running on HP Tru64 UNIX, has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln OHS07...

CVE-2006-5347

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle Collaboration Suite 9.0.4.2 has unknown impact and remote attack vectors related to HTTPS and SSL, aka Vuln OHS04...

CVE-2006-5353

Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors related to the Modrewrite Module, aka Vuln OHS01...

CVE-2006-5354

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and 10.1.0.5, Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0, racle Collaboration Suite 9.0.4.2 and 10.1.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors, aka Vuln OHS0...

CVE-2006-5350

CVE-2006-5350 affects Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite/Applications 11.5.10CU2; the vulnerability impact is unspecified in the provided documents, with local attack vectors indicated. No concrete root-cause, exploit details, or remediation are given in the connected sources....

CVE-2006-5350

Unspecified vulnerability in Oracle HTTP Server 9.2.0.7 and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and local attack vectors, aka Vuln OHS08...

CVE-2006-5357

Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 10.1.2.0.1, 10.1.2.0.2, and 10.1.2.1.0 has unknown impact and remote attack vectors related to the PHP Module, aka Vuln OHS03...

Workaround for unpatched Oracle PLSQL Gateway flaw

There's a critical flaw in the Oracle PLSQL Gateway, a component of iAS, OAS and the Oracle HTTP Server, that allows attackers to bypass the PLSQLExclusion list and gain access to "excluded" packages and procedures. This can be exploited by an attacker to gain full DBA control of the backend...

Buffer overflow

Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and Application Server 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln OHS02...

CVE-2004-2115

Multiple cross-site scripting XSS vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the 1 action, 2 username, or 3 password parameters in an isqlplus request...

Oracle HTTP Server Cross Site Scripting Vulnerabillity

Software: Oracle HTTP Server Powered by Apache Vendor: http://www.apache.com http://www.oracle.com Versions: Oracle HTTP Server Powered by Apache/1.3.22 Win32 modplsql/3.0.9.8.3b modssl/2.8.5 OpenSSL/0.9.6b modfastcgi/2.2.12 modoprocmgr/1.0 modperl/1.25 Platforms: Windows Bug: Cross Site Scriptin...

oracleXSS.txt

Software: Oracle HTTP Server Powered by Apache Vendor: http://www.apache.com http://www.oracle.com Versions: Oracle HTTP Server Powered by Apache/1.3.22 Win32 modplsql/3.0.9.8.3b modssl/2.8.5 OpenSSL/0.9.6b modfastcgi/2.2.12 modoprocmgr/1.0 modperl/1.25 Platforms: Windows Bug: Cross Site Scriptin...

Oracle HTTP Server 8.1.7/9.0.1/9.2 - isqlplus Cross-Site Scripting

source: https://www.securityfocus.com/bid/9484/info Oracle HTTP Server is reportedly prone to a cross-site scripting issue. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML and script code. If this link were followed, the hostile code may...

Oracle HTTP Server 8.1.79.0.19.2 - isqlplus Cross-Site Scripting

Oracle HTTP Server 8.1.79.0.19.2 - isqlplus Cross-Site Scripting source: https://www.securityfocus.com/bid/9484/info Oracle HTTP Server is reportedly prone to a cross-site scripting issue. This could permit a remote attacker to create a malicious link to the web server that includes hostile HTML...