Description

Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2.

Remediation

References

CVE-2002-1632

Related Vulnerabilities

MySQL CVE-2022-21355 Vulnerability (CVE-2022-21355)

WordPress Plugin Pressbooks Textbook Cross-Site Scripting (1.2.5)

WordPress Plugin Pondol Carousel Cross-Site Scripting (1.0)

MySQL CVE-2019-2808 Vulnerability (CVE-2019-2808)

WordPress Plugin Social Metrics Tracker Cross-Site Scripting (1.6.8)

Severity

Medium

Classification

CVE-2002-1632

Tags

Missing Update Known Vulnerabilities