Description

The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data.

Remediation

References

CVE-2002-0386

Related Vulnerabilities

PostgreSQL Resource Management Errors Vulnerability (CVE-2009-0922)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-23124)

WordPress Plugin Simple 301 Redirects-Addon-Bulk Uploader Multiple Security Bypass Vulnerabilities (1.2.4)

Jenkins Improper Authentication Vulnerability (CVE-2014-2066)

WordPress Plugin GdeSlon Affiliate Shop Open Redirect (2.0)

Severity

Medium

Classification

CVE-2002-0386

Tags

Missing Update Known Vulnerabilities