Vulnerability in N/a
CVE-2001-1217
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
EPSS: 0.544 (98.9th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 3727 (vdb-entry, x_refsource_BID)
- VU#758483 (x_refsource_CERT-VN, third-party-advisory)
- oracle-appserver-modplsql-traversal(7728) (vdb-entry, x_refsource_XF)
- otn.oracle.com/deploy/security/pdf/modplsql.pdf (x_refsource_CONFIRM)
- 20011221 Buffer Overflow in Oracle 9iAS (#NISR20122001) (mailing-list, x_refsource_BUGTRAQ)