Summary
Oracle 9i Application Server uses Apache as it's web server. There is a buffer overflow in the mod_plsql module which allows an attacker to run arbitrary code.
Solution
Oracle have released a patch for this vulnerability, which is available from:
http://metalink.oracle.com
References
Severity
Classification
-
CVE CVE-2001-1216 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities