Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle application server 9.0.2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-1858
Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 up to and including 9.0.2.0.1, when running on Windows, allows remote malicious users to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF direc...
Oracle Application Server 1.0.2.2
Oracle Application Server 9.0.2
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.0.1
4.3
CVSSv2
CVE-2002-2347
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote malicious users to inject arbitrary web script or HTML...
Oracle Application Server 1.0.2
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Application Server 9.0.2
7.5
CVSSv2
CVE-2006-6697
CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle Portal 10g and previous versions, including 9.0.2, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the enc parameter.
Oracle Application Server Portal 10g
Oracle Application Server Portal 9.0.2
1 EDB exploit
4.6
CVSSv2
CVE-2004-2134
Oracle toplink mapping workBench uses a weak encryption algorithm for passwords, which allows local users to decrypt the passwords.
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.0.1
Oracle Application Server 9.0.2.3
Oracle Application Server 9.0.3
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.2.2
Oracle Application Server 9.0.2
1 EDB exploit
5
CVSSv2
CVE-2002-0386
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote malicious users to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chun...
Oracle Application Server 9.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2005-2093
Oracle 9i Application Server (Oracle9iAS) 9.0.2 allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, wh...
Oracle Application Server 9.0.2
7.5
CVSSv2
CVE-2002-2345
Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote malicious users to gain access.
Oracle Application Server 9.0.2
7.5
CVSSv2
CVE-2002-0842
Format string vulnerability in certain third party modifications to mod_dav for logging bad gateway messages (e.g. Oracle9i Application Server 9.0.2) allows remote malicious users to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, ...
Oracle Application Server 9.0.2
5
CVSSv2
CVE-2006-6699
Multiple CRLF injection vulnerabilities in Oracle Portal 9.0.2 and possibly other versions allow remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the enc parameter to (1) calendarDialog.jsp or (2) fred.jsp. ...
Oracle Application Server Portal 9.0.2
7.5
CVSSv2
CVE-2002-0947
Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and previous versions, as used in Oracle9iAS and other products, allows remote malicious users to execute arbitrary code via a long database name parameter.
Oracle Reports 6.0.8
Oracle Application Server 9.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »