7.5
CVE-2000-1236
- EPSS 1.93%
- Veröffentlicht 31.12.2000 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:53:26
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Application Server Version <= 3.0.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.93% | 0.774 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://archives.neohapsis.com/archives/bugtraq/2000-12/0339.html
http://archives.neohapsis.com/archives/bugtraq/2000-12/0372.html
http://archives.neohapsis.com/archives/bugtraq/2000-12/0463.html
http://online.securityfocus.com/archive/1/155881
http://www.securityfocus.com/bid/2150
http://www.iss.net/security_center/static/5817.php