Description

Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'.

Remediation

References

CVE-2000-0169

Related Vulnerabilities

Jenkins Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1999044)

WordPress Plugin Dynamic Widgets Multiple Unspecified Vulnerabilities (1.5.7)

Microsoft SQL Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2003-0230)

MySQL CVE-2013-1523 Vulnerability (CVE-2013-1523)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20900)

Severity

High

Classification

CVE-2000-0169

Tags

Missing Update Known Vulnerabilities