Oracle XSQL Stylesheet Vulnerability

The Oracle XSQL Servlet allows arbitrary Java code to be executed by an attacker by supplying the URL of a malicious XSLT stylesheet when making a request to an XSQL page. OpenVAS Vulnerability Test $Id: oraclexsql.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Oracle XSQL Stylesheet...

CVE-2001-0126

Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet...

CVE-2001-0126

Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet...

Oracle XSQL servlet and xml-stylesheet allow executing java on the web server

Georgi Guninski security advisory 34, 2001 Oracle XSQL servlet and xml-stylesheet allow executing java on the web server Systems affected: Oracle XSQL servlet, installed by default Oracle 8.1.7 Windows 2000installation, probably other versions/platforms are affected because the servlet is written...

Дырка в Oracle XSQL servlet

Имеется возможность выполнить .xsl-файл в контексте сервера. Это дает возможность выполнить любой java-код...