Unrated severityNVD Advisory· Published Jul 16, 2001· Updated Jun 16, 2026
CVE-2001-1321
CVE-2001-1321
Description
Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:oracle:internet_directory:2.1.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:internet_directory:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:internet_directory:3.0.1:*:*:*:*:*:*:*
- (no CPE)range: 2.1.1.x, 3.0.1
Patches
Vulnerability mechanics
References
5- ciac.llnl.gov/ciac/bulletins/l-116.shtmlnvdPatchVendor Advisory
- www.cert.org/advisories/CA-2001-18.htmlnvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/869184nvdUS Government Resource
- www.kb.cert.org/vuls/id/JPLA-4WESNVnvdUS Government Resource
- www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/nvd
News mentions
0No linked articles in our index yet.