Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle application server 9.0.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1858
Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 up to and including 9.0.2.0.1, when running on Windows, allows remote malicious users to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF direc...
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.0.1
Oracle Application Server 9.0.2
Oracle Application Server 1.0.2.2
NA
CVE-2002-2347
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote malicious users to inject arbitrary web script or HTML...
Oracle Application Server 1.0.2.1s
Oracle Application Server 9.0.2
Oracle Application Server 1.0.2.2
Oracle Application Server 1.0.2
NA
CVE-2006-6697
CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle Portal 10g and previous versions, including 9.0.2, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the enc parameter.
Oracle Application Server Portal 10g
Oracle Application Server Portal 9.0.2
1 EDB exploit
NA
CVE-2004-2134
Oracle toplink mapping workBench uses a weak encryption algorithm for passwords, which allows local users to decrypt the passwords.
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.3
Oracle Application Server 9.0.2.0.1
Oracle Application Server 9.0.2.2
Oracle Application Server 9.0.2
Oracle Application Server 9.0.3
1 EDB exploit
NA
CVE-2002-0386
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote malicious users to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chun...
Oracle Application Server 9.0.2
1 EDB exploit
NA
CVE-2002-0842
Format string vulnerability in certain third party modifications to mod_dav for logging bad gateway messages (e.g. Oracle9i Application Server 9.0.2) allows remote malicious users to execute arbitrary code via a destination URI that forces a "502 Bad Gateway" response, ...
Oracle Application Server 9.0.2
NA
CVE-2005-2093
Oracle 9i Application Server (Oracle9iAS) 9.0.2 allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, wh...
Oracle Application Server 9.0.2
NA
CVE-2002-2345
Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote malicious users to gain access.
Oracle Application Server 9.0.2
NA
CVE-2002-0947
Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and previous versions, as used in Oracle9iAS and other products, allows remote malicious users to execute arbitrary code via a long database name parameter.
Oracle Reports 6.0.8
Oracle Application Server 9.0.2
NA
CVE-2006-6699
Multiple CRLF injection vulnerabilities in Oracle Portal 9.0.2 and possibly other versions allow remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the enc parameter to (1) calendarDialog.jsp or (2) fred.jsp. ...
Oracle Application Server Portal 9.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »