Description

The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to shut down an Oracle TNS Listener via a TNS STOP command in a request that uses the database/TNS alias, aka AS01.

Remediation

References

CVE-2007-2120

Related Vulnerabilities

MySQL CVE-2022-21635 Vulnerability (CVE-2022-21635)

Apache Traffic Server CVE-2014-3525 Vulnerability (CVE-2014-3525)

e107 Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2020)

Beego Framework Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-39391)

WordPress Plugin wp heyloyalty Remote Code Execution (1.1.4)

Severity

High

Classification

CVE-2007-2120

Tags

Missing Update Known Vulnerabilities