Description

Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.

Remediation

References

CVE-2001-1217

Related Vulnerabilities

GlassFish CVE-2018-2911 Vulnerability (CVE-2018-2911)

Jenkins Incorrect Authorization Vulnerability (CVE-2018-1999004)

WordPress Plugin Albo Pretorio On line Multiple Vulnerabilities (3.2)

Oracle Database Server CVE-2007-2117 Vulnerability (CVE-2007-2117)

Joomla CVE-2018-17859 Vulnerability (CVE-2018-17859)

Severity

Medium

Classification

CVE-2001-1217

Tags

Missing Update Known Vulnerabilities