Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle application server 9.0.2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-1858
Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 up to and including 9.0.2.0.1, when running on Windows, allows remote malicious users to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF direc...
Oracle Application Server 1.0.2.2
Oracle Application Server 9.0.2
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.0.1
5
CVSSv2
CVE-2002-0386
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote malicious users to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chun...
Oracle Application Server 9.0.2
1 EDB exploit
5
CVSSv2
CVE-2002-1089
rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote malicious users to use the information in additional attacks.
Oracle Application Server 9.0.2
Oracle Reports 6.0.8
Oracle Reports 6.0.8.19
1 EDB exploit
4.6
CVSSv2
CVE-2004-1365
Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.
Oracle Application Server 9.0.2.0.1
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.4.1
Oracle Collaboration Suite Release 1
Oracle E-business Suite 11.5.8
Oracle E-business Suite 11.5.9
Oracle Oracle10g Personal 10.1 .0.2
Oracle Oracle10g Personal 9.0.4 .0
Oracle Oracle8i Enterprise 8.1.5 .0.2
Oracle Oracle8i Enterprise 8.1.5 .1.0
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle8i Standard 8.1.5
Oracle Oracle8i Standard 8.1.6
Oracle Oracle9i Enterprise 8.1.7
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 8.1.7
Oracle Oracle9i Personal 9.2.0.3
Oracle Oracle9i Personal 9.2.0.4
Oracle Oracle9i Standard 9.0.1.4
Oracle Oracle9i Standard 9.0.1.5
Oracle Application Server
4.6
CVSSv2
CVE-2004-1366
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
Oracle Application Server
Oracle Application Server 9.0.3
Oracle Application Server 9.0.3.1
Oracle E-business Suite 11.5.3
Oracle Application Server 9.0.2.0.1
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.4.1
Oracle Collaboration Suite Release 1
Oracle E-business Suite 11.5.7
Oracle E-business Suite 11.5.8
Oracle E-business Suite 11.5.9
Oracle Oracle10g Personal 10.1 .0.2
Oracle Oracle10g Personal 9.0.4 .0
Oracle Oracle8i Enterprise 8.1.5 .0.2
Oracle Oracle8i Enterprise 8.1.5 .1.0
Oracle Oracle8i Standard 8.1.5
Oracle Oracle8i Standard 8.1.6
Oracle Oracle9i Enterprise 8.1.7
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.3
4.6
CVSSv2
CVE-2004-2134
Oracle toplink mapping workBench uses a weak encryption algorithm for passwords, which allows local users to decrypt the passwords.
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.0.1
Oracle Application Server 9.0.2.3
Oracle Application Server 9.0.3
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.2.2
Oracle Application Server 9.0.2
1 EDB exploit
4.4
CVSSv2
CVE-2004-1367
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain th...
Oracle Application Server 9.0.3
Oracle Application Server 9.0.3.1
Oracle E-business Suite 11.5.3
Oracle E-business Suite 11.5.4
Oracle Enterprise Manager 9.0.1
Oracle Enterprise Manager Database Control 10.1.2
Oracle Oracle8i Enterprise 8.0.5 .0.0
Oracle Oracle8i Enterprise 8.0.6 .0.0
Oracle Oracle8i Enterprise 8.1.7 .0.0
Oracle Oracle8i Enterprise 8.1.7 .1.0
Oracle Oracle8i Standard 8.1.7 .0.0
Oracle Oracle8i Standard 8.1.7 .1
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Enterprise 9.2.0
Oracle Oracle9i Enterprise 9.2.0.1
Oracle Oracle9i Personal 9.0.1.4
Oracle Oracle9i Personal 9.0.1.5
Oracle Application Server 9.0.2.2
Oracle Application Server 9.0.2.3
Oracle E-business Suite 11.5.1
Oracle E-business Suite 11.5.2
Oracle E-business Suite 11.5.9
4.3
CVSSv2
CVE-2005-3204
Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote malicious users to inject arbitrary web script or HTML via the query string in an HTTP request.
Oracle Application Server 9.0.2.3
Oracle Application Server 9.0.3
Oracle Oracle9i Enterprise 9.0.1.4
Oracle Oracle9i Enterprise 9.0.1.5
Oracle Oracle9i Enterprise 9.0.1.5 Fips
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Enterprise 9.2.0.6
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Standard 9.0.1.2
Oracle Oracle9i Standard 9.0.1.3
Oracle Oracle9i Standard 9.0.1.4
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.2.2
Oracle Oracle9i Developer 9.0.4
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Enterprise 9.2.0.3
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Personal 9.0.4
Oracle Oracle9i Personal 9.2
Oracle Oracle9i Standard 9.0
Oracle Oracle9i Standard 9.0.1
1 EDB exploit
4.3
CVSSv2
CVE-2005-2093
Oracle 9i Application Server (Oracle9iAS) 9.0.2 allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, wh...
Oracle Application Server 9.0.2
4.3
CVSSv2
CVE-2002-2347
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote malicious users to inject arbitrary web script or HTML...
Oracle Application Server 1.0.2
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Application Server 9.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »