VYPR

HTTP Server

by Oracle Corporation

CVEs (65)

  • CVE-2006-0435Jan 26, 2006
    risk 0.00cvss epss 0.06

    Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and…

  • CVE-2006-0286Jan 18, 2006
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS01.

  • CVE-2004-1877Mar 30, 2004
    risk 0.00cvss epss 0.03

    The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and…

  • CVE-1999-1125Sep 19, 1997
    risk 0.00cvss epss 0.04

    Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file.

  • CVE-1999-1068Jul 23, 1997
    risk 0.00cvss epss 0.02

    Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request.

Page 4 of 4