Description
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data.
Remediation
References
Related Vulnerabilities
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-10968)
WordPress Plugin WP Database Backup Cross-Site Scripting (5.1.1)
WordPress Plugin Modern Events Calendar Lite Multiple Vulnerabilities (5.16.5)
WordPress Plugin YITH Product Size Charts for WooCommerce Security Bypass (1.1.11)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-9788)