38 matches found
CVE-2005-1382
The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cachedumpfile parameter...
CVE-2005-1381
CVE-2005-1381: Oracle WebCache 9i contains multiple cross-site scripting vulnerabilities exploitable via the cache_dump_file and PartialPageErrorPage parameters. The NVD entry reports a MEDIUM base score (6.8) with network access, no authentication, and partial impacts to confidentiality, integri...
CVE-2005-1381
Multiple cross-site scripting XSS vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via the 1 cachedumpfile or 2 PartialPageErrorPage parameter...
CVE-2005-1382
CVE-2005-1382 affects Oracle WebCache 9i: the webcacheadmin dump file handling allows an administrator to place cache_dump_file contents at arbitrary locations due to insufficient restrictions on the destination path. The CPAI advisory explains that this enables data/caching file contents to be w...
Oracle Application Server 9i Webcache < 9.0.4.0 Multiple Vulnerabilities
According to its banner, the version of Oracle Application Server 9i Webcache installed on the remote host suffers from several flaws: - Arbitrary File Corruption Vulnerability An attacker may be able to corrupt arbitrary files on the remote host by passing the filenames through the 'cachedumpfil...
Oracle Application Server 9i - Webcache Cache_dump_file Cross-Site Scripting
Oracle Application Server 9i - Webcache Cachedumpfile Cross-Site Scripting source : https://www.securityfocus.com/bid/13421/info A remote cross-site scripting vulnerability affects the Oracle Application Server 9i Webcache administration console. This issue is due to a failure of the application ...
Webcache Client Requests bypasses OHS mod_access restrictions
Name Webcache Client Requests bypasses OHS modaccess Restrictions Systems Affected Oracle Application Server - OHS 1.0.2 - 10.x Severity Low Risk Category Bypass protected URLs via Webcache Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 26 Apr 200...
Oracle Application Server 9i - Webcache PartialPageErrorPage Cross-Site Scripting
source: https://www.securityfocus.com/bid/13422/info A remote cross-site scripting vulnerability affects the Oracle Application Server 9i Webcache administration console. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamicall...
Oracle Application Server 9i Webcache - Arbitrary File Corruption
source: https://www.securityfocus.com/bid/13420/info Oracle Application Server 9i Webcache is prone to an arbitrary file corruption vulnerability. The issue exists becaue dangerous characters are not removed from a certain parameter value, allowing an attacker to construct a URI that contains an...
Oracle Application Server 9.0 - HTTP Service Mod_Access Restriction Bypass
source: https://www.securityfocus.com/bid/13418/info Oracle HTTP ServerOHS of Oracle Application Server is prone to an access restriction bypass vulnerability. It is possible to configure a list of forbidden URIs in OHS. This is accomplished using 'modaccess'. A URI that is listed is not supposed...
Oracle Application Server 9i - Webcache PartialPageErrorPage Cross-Site Scripting
Oracle Application Server 9i - Webcache PartialPageErrorPage Cross-Site Scripting source: https://www.securityfocus.com/bid/13422/info A remote cross-site scripting vulnerability affects the Oracle Application Server 9i Webcache administration console. This issue is due to a failure of the...
Append file in Oracle Webcache 9i
Name Append file vulnerability in Oracle Webcache 9i Systems Affected Oracle Application Server with Webcache 9i Severity Medium Risk Category Corruption of files Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 26 Apr 2005 V 1.00 Advisory...
Oracle Application Server 9i Webcache - Arbitrary File Corruption
Oracle Application Server 9i Webcache - Arbitrary File Corruption source: https://www.securityfocus.com/bid/13420/info Oracle Application Server 9i Webcache is prone to an arbitrary file corruption vulnerability. The issue exists becaue dangerous characters are not removed from a certain paramete...
Oracle Application Server 9i - Webcache Cache_dump_file Cross-Site Scripting
source : https://www.securityfocus.com/bid/13421/info A remote cross-site scripting vulnerability affects the Oracle Application Server 9i Webcache administration console. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamical...
Oracle Application Server 9.0 - HTTP Service Mod_Access Restriction Bypass
Oracle Application Server 9.0 - HTTP Service ModAccess Restriction Bypass source: https://www.securityfocus.com/bid/13418/info Oracle HTTP ServerOHS of Oracle Application Server is prone to an access restriction bypass vulnerability. It is possible to configure a list of forbidden URIs in OHS. Th...
Cross Site Scripting in Oracle Webcache 9i
Name Cross Site Scripting in Oracle Webcache 9i Systems Affected Oracle Application Server with Webcache 9i Severity Low Risk Category Cross Site Scripting Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 26 Apr 2005 V 1.00 Advisory AKSEC2003-011 Ti...
Oracle WebCache Server < 2.0.0.3.x Multiple Vulnerabilities
Binary data 1516.prm...
CVE-2003-1183
The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access...