Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote malicious users to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle application server 1.0.2.1s |
||
oracle application server 1.0.2.2 |
||
oracle application server 1.0.2 |
||
oracle application server 9.0.2.0.0 |
||
oracle application server 9.0.2.0.1 |