CVE-2001-1217

CVE-2001-1217

EPSS 54.4%

Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://otn.oracle.com/deploy/security/pdf/modplsql.pdf http://www.iss.net/security_center/static/7728.php http://www.kb.cert.org/vuls/id/758483 http://www.securityfocus.com/archive/1/246663 http://www.securityfocus.com/bid/3727