CVE-2002-1639

Sažetak

Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive information via a request to the oracle.apps.cz.servlet.UiServlet servlet with the test parameter set to "version" or "host".

Reference

http://securitytracker.com/id?1003967
http://www.kb.cert.org/vuls/id/158323
http://www.oracle.com/technology//deploy/security/htdocs/oconfigvul.html
http://www.securityfocus.com/bid/4433
https://exchange.xforce.ibmcloud.com/vulnerabilities/8782

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

26-09-2018 - 16:05

Objavljeno

01-04-2002 - 05:00