Description
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.
Remediation
References
Related Vulnerabilities
WordPress Plugin Multi Rating Multiple Vulnerabilities (5.0.5)
WordPress Plugin WooCommerce Product Table Lite Cross-Site Scripting (2.3.0)
Moodle Improper Input Validation Vulnerability (CVE-2014-9060)
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9048)
WordPress Plugin Smush Image Compression and Optimization Directory Traversal (2.7.5)