CVE-2005-4550

Exploit

EPSS 53.48%
Published 28.12.2005 11:03:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Oracle ≫ Application Server Discussion Forum Portlet

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	53.48%	0.977

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.securityfocus.com/bid/16048

Exploit

http://www.vupen.com/english/advisories/2005/3085

http://marc.info/?l=full-disclosure&m=113532633229270&w=2

http://securityreason.com/securityalert/297

http://securitytracker.com/id?1015406

https://exchange.xforce.ibmcloud.com/vulnerabilities/23813

https://nvd.nist.gov/vuln/detail/CVE-2005-4550

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-4550

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-4550

EUVD