Oracle Application Server Web Cache — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Application Server Web Cache, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2002-1641 — CVSS 10.0 (critical): Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via…
CVE-2004-0385 — CVSS 10.0 (critical): Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers…
CVE-2002-0561 — CVSS 7.5 (high): The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null…
CVE-2001-0836 — CVSS 7.5 (high): Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
CVE-2002-0559 — CVSS 7.5 (high): Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or…
CVE-2002-0564 — CVSS 7.5 (high): PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access…
CVE-2005-1381 — CVSS 6.8 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via…
CVE-2005-1382 — CVSS 5.0 (medium): The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the…
CVE-2002-0102 — CVSS 5.0 (medium): Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002…
CVE-2002-0560 — CVSS 5.0 (medium): PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL…
CVE-2002-0562 — CVSS 5.0 (medium): The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which…
CVE-2002-0563 — CVSS 5.0 (medium): The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without…
CVE-2002-0565 — CVSS 5.0 (medium): Oracle 9iAS 1.0.2.x compiles JSP files in the _pages directory with world-readable permissions under the web root, which allows remote…
CVE-2002-0566 — CVSS 5.0 (medium): PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP…
CVE-2002-0103 — CVSS 4.6 (medium): An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows…