Summary
Oracle 9i Application Server uses Apache as it's web server. There is a buffer overflow in the mod_plsql module which allows an attacker to run arbitrary code.
Solution
Oracle have released a patch for this vulnerability, which is available from:
http://metalink.oracle.com
References
Severity
Classification
-
CVE CVE-2001-1216 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache Tomcat AJP Protocol Security Bypass Vulnerability
- ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability
- Apache Solr XML External Entity(XXE) Vulnerability-02 Jan-14
- Adobe ColdFusion Directory Traversal Vulnerability
- Atmail Multiple Unspecified Security Vulnerabilities.