Description
The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data.
Remediation
References
Related Vulnerabilities
Django Improper Input Validation Vulnerability (CVE-2014-0480)
MySQL Other Vulnerability (CVE-2012-5383)
WordPress Plugin Poll Maker SQL Injection (3.2.0)
WordPress Plugin Error Log Viewer by BestWebSoft Cross-Site Scripting (1.0.5)
WordPress Plugin YITH Desktop Notifications for WooCommerce Security Bypass (1.2.7)