Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Application_server_web_cache
(Oracle)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-05-03 | CVE-2005-1382 | The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter. | Application_server_web_cache | N/A | ||
| 2005-05-03 | CVE-2005-1381 | Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter. | Application_server_web_cache | N/A | ||
| 2004-06-01 | CVE-2004-0385 | Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities." | Application_server_web_cache, E\-Business_suite | N/A | ||
| 2002-05-27 | CVE-2002-1641 | Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors. | Application_server_web_cache | N/A | ||
| 2002-07-03 | CVE-2002-0566 | PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type. | Application_server, Application_server_web_cache, Oracle8i, Oracle9i | N/A |