CVE-1999-1125
Oracle Webserver 2.1 and earlier runs setuid root; the configuration file is owned by the oracle account. This allows any local or remote attacker with oracle access to gain privileges or modify arbitrary files by altering the configuration file. No remediation details are provided in the supplie...