Summary
In a default installation of Oracle 9iAS, it is possible to use the mod_plsql module to perform a directory traversal attack.
Solution
Download the patch from the oracle metalink site.
References
Severity
Classification
-
CVE CVE-2001-1217 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- @Mail 'MailType' Parameter Cross Site Scripting Vulnerability
- Advantech WebAccess Multiple Stack Based Buffer Overflow Vulnerabilities
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- @Mail WebMail Email Body HTML Injection Vulnerability
- 3Com NBX VoIP NetSet Detection