Description
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data.
Remediation
References
Related Vulnerabilities
Moodle Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-5153)
Oracle Database Server CVE-2019-2955 Vulnerability (CVE-2019-2955)
MySQL CVE-2013-1555 Vulnerability (CVE-2013-1555)
Moodle Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2016-7038)
WordPress Plugin Zingiri Web Shop Cookie Multiple SQL Injection Vulnerabilities (2.4.7)