CVE-2002-0559
Published Jul 3, 2002
Last updated 7 years ago
Overview
- Description
- Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a long HTTP request to the plsql module, (3) a long password in the HTTP Authorization, (4) a long Access Descriptor (DAD) password in the addadd form, or (5) a long cache directory name.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC62E1B2-6964-4459-A1EF-A6A087C2960F"
},
{
"criteria": "cpe:2.3:a:oracle:application_server_web_cache:2.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C272DE0-3717-40D0-99A6-2B4108BF85A3"
},
{
"criteria": "cpe:2.3:a:oracle:application_server_web_cache:2.0.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4959B7CD-218F-47A3-A604-629B69E1905B"
},
{
"criteria": "cpe:2.3:a:oracle:application_server_web_cache:2.0.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6659ECF3-D355-4357-BB15-DAFA427FCD12"
},
{
"criteria": "cpe:2.3:a:oracle:application_server_web_cache:2.0.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B34A419-42C2-44FC-84C7-65699BA07120"
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:8.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E0E5C6A-FFEA-4855-AE5D-65806B6AFA59"
},
{
"criteria": "cpe:2.3:a:oracle:oracle8i:8.1.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2607015-B358-4963-968C-777E2AE9650D"
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C2720EA-55FB-40B1-BE58-3E16628DA248"
},
{
"criteria": "cpe:2.3:a:oracle:oracle9i:9.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9BB176D-7A94-4A91-89FC-9971E19FF7C6"
}
],
"operator": "OR"
}
]
}
]