CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2001-1216
https://notcve.org/view.php?id=CVE-2001-1216
Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page. Desbordamiento de buffer en el módulo de Apache PL/SQL en en Oracle 9i Application Server permite a atacantes remotos ejecutar código arbitrario mediante una petición larga a una página de ayuda. • http://otn.oracle.com/deploy/security/pdf/modplsql.pdf http://www.iss.net/security_center/static/7727.php http://www.kb.cert.org/vuls/id/500203 http://www.securityfocus.com/archive/1/246663 http://www.securityfocus.com/bid/3726 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 1CVE-2001-0836 – Oracle9iAS Web Cache 2.0 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0836
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. • https://www.exploit-db.com/exploits/21121 http://marc.info/?l=bugtraq&m=100342151132277&w=2 http://marc.info/?l=bugtraq&m=100395487007578&w=2 http://otn.oracle.com/deploy/security/pdf/webcache.pdf http://www.cert.org/advisories/CA-2001-29.html http://www.kb.cert.org/vuls/id/649979 http://www.osvdb.org/5534 https://exchange.xforce.ibmcloud.com/vulnerabilities/7306 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0591
https://notcve.org/view.php?id=CVE-2001-0591
Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack. • http://archives.neohapsis.com/archives/bugtraq/2001-02/0239.html http://www.securityfocus.com/bid/2286 https://exchange.xforce.ibmcloud.com/vulnerabilities/5986 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2001-0419 – Oracle Application Server 4.0.8.2 - ndwfn4.so Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0419
Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/. • https://www.exploit-db.com/exploits/20747 http://marc.info/?l=bugtraq&m=98692227816141&w=2 http://www.securityfocus.com/bid/2569 •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1CVE-2001-0326
https://notcve.org/view.php?id=CVE-2001-0326
Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission. • http://archives.neohapsis.com/archives/bugtraq/2001-02/0255.html http://www.osvdb.org/5706 https://exchange.xforce.ibmcloud.com/vulnerabilities/6438 •