Lucene search
K

7 matches found

Packet Storm
Packet Storm
added 2011/06/14 12:0 a.m.137 views

Oracle HTTP Server Header Cross Site Scripting

--------------------------------------------------------------------------------------------------------- Oracle HTTP Server XSS Header Injection --------------------------------------------------------------------------------------------------------- Attack Pattern ID : CAPEC-86 CWE ID : CI-79...

4.3CVSS0.94281EPSS
Exploits7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/01/14 12:0 a.m.17 views

JVN#50837839 Oracle Application Server vulnerable to cross-site scripting

Oracle Application Server from Oracle is an application server. Oracle Application Server contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...

6.3AI score
Exploits0
Prion
Prion
added 2007/01/17 1:28 a.m.28 views

Directory traversal

Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably ".." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed...

5CVSS6.4AI score0.10609EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2007/01/17 1:0 a.m.25 views

CVE-2007-0222

Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote attackers to read arbitrary files via unknown vectors, probably ".." sequences in the beanId parameter. NOTE: this is likely a duplicate of another CVE that Oracle addressed...

8.9AI score0.10609EPSS
Exploits0References7
CVE
CVE
added 2007/01/17 1:0 a.m.61 views

CVE-2007-0222

CVE-2007-0222 is a directory traversal vulnerability in Oracle Application Server 10g (10.1.3.0.0) specifically in the EmChartBean server-side component. It allows remote, unauthenticated attackers to read arbitrary files outside the application root (likely via “..” in requests to the beanId par...

5CVSS9AI score0.10609EPSS
Exploits0References7Affected Software1
Saint
Saint
added 2005/11/30 12:0 a.m.18 views

Oracle Enterprise Manager Agent buffer overflow

Added: 11/30/2005 CVE: CVE-2005-3460 BID: 15146 OSVDB: 20664 Background Oracle Application Server 10g includes the emagent.exe program which listens for connections on port 1830/TCP by default. Problem A buffer overflow vulnerability in emagent.exe could allow a remote attacker to execute arbitra...

10CVSS7.5AI score0.04145EPSS
Exploits4
Saint
Saint
added 2005/11/30 12:0 a.m.37 views

Oracle Enterprise Manager Agent buffer overflow

Added: 11/30/2005 CVE: CVE-2005-3460 BID: 15146 OSVDB: 20664 Background Oracle Application Server 10g includes the emagent.exe program which listens for connections on port 1830/TCP by default. Problem A buffer overflow vulnerability in emagent.exe could allow a remote attacker to execute arbitra...

10CVSS7.5AI score0.04145EPSS
Exploits4
Rows per page
Query Builder