Description

The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to shut down an Oracle TNS Listener via a TNS STOP command in a request that uses the database/TNS alias, aka AS01.

Remediation

References

CVE-2007-2120

Related Vulnerabilities

WordPress Plugin Contact Form 7 Database Multiple Vulnerabilities (1.1)

WordPress Plugin WPFront Notification Bar Cross-Site Scripting (1.9.1.04012)

WordPress Plugin Registration Forms-User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction Cross-Site Scripting (3.0.17)

WordPress Plugin WordPress Custom Global Variable Unspecified Vulnerability (3.0.0)

WordPress Plugin WPE Indoshipping Multiple Remote File Inclusion Vulnerabilities (2.5.0)

Severity

High

Classification

CVE-2007-2120

Tags

Missing Update Known Vulnerabilities