7 matches found
Oracle HTTP Server Header Cross Site Scripting
--------------------------------------------------------------------------------------------------------- Oracle HTTP Server XSS Header Injection --------------------------------------------------------------------------------------------------------- Attack Pattern ID : CAPEC-86 CWE ID : CI-79...
JVN#50837839 Oracle Application Server vulnerable to cross-site scripting
Oracle Application Server from Oracle is an application server. Oracle Application Server contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...
Directory traversal
Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably ".." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed...
CVE-2007-0222
Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably ".." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed...
CVE-2007-0222
CVE-2007-0222 is a directory traversal vulnerability in Oracle Application Server 10g (10.1.3.0.0) specifically in the EmChartBean server-side component. It allows remote, unauthenticated attackers to read arbitrary files outside the application root (likely via “..” in requests to the beanId par...
Oracle Enterprise Manager Agent buffer overflow
Added: 11/30/2005 CVE: CVE-2005-3460 BID: 15146 OSVDB: 20664 Background Oracle Application Server 10g includes the emagent.exe program which listens for connections on port 1830/TCP by default. Problem A buffer overflow vulnerability in emagent.exe could allow a remote attacker to execute arbitra...
Oracle Enterprise Manager Agent buffer overflow
Added: 11/30/2005 CVE: CVE-2005-3460 BID: 15146 OSVDB: 20664 Background Oracle Application Server 10g includes the emagent.exe program which listens for connections on port 1830/TCP by default. Problem A buffer overflow vulnerability in emagent.exe could allow a remote attacker to execute arbitra...