Oracle应用服务器EmChartBeam远程目录遍历漏洞

Oracle应用服务器是一个综合解决方案，用于开发、集成和部署企业的应用系统、门户和网站。 Oracle应用服务器的服务端组件EmChartBean中存在目录遍历漏洞，非授权用户可以通过发送GET请求以Javaw.exe进程的权限（默认为LocalSystem）远程访问根目录以外的文件。 EmChartBean仅存在于运行时，在初始调用登陆页面后从JAR文件中解压，因此如果要利用这个漏洞攻击者必须首先能够向登陆页面提交请求。 Oracle Application Server 10g Release 3 10.1.3.0.0...

Directory traversal

Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably ".." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed...

CVE-2007-0222

Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably ".." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed...

CVE-2007-0222

Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably ".." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed...

CVE-2007-0222

CVE-2007-0222 is a directory traversal vulnerability in Oracle Application Server 10g (10.1.3.0.0) specifically in the EmChartBean server-side component. It allows remote, unauthenticated attackers to read arbitrary files outside the application root (likely via “..” in requests to the beanId par...