Oracle

Application Server

198 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2007-3553

  • EPSS 11.39%
  • Published 03.07.2007 21:30:00
  • Last modified 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Rapid Install Web Server in Oracle Application Server 11i allows remote attackers to inject arbitrary web script or HTML via a URL to the "Secondary Login Page", as demonstrated using (1) pls/ and (2) pls/M...

6.8

CVE-2007-2119

  • EPSS 3.83%
  • Published 18.04.2007 18:19:00
  • Last modified 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for Oracle Enterprise (Ultra) Search, as used in Database Server 9.2.0.8, 10.1.0.5, and 10.2.0.2, and in Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2...

7.8

CVE-2007-2120

  • EPSS 3.75%
  • Published 18.04.2007 18:19:00
  • Last modified 09.04.2025 00:30:58

The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to shut down an Oracle TNS Listener via a TNS STOP command in a request that uses the database/TNS alias, aka AS01.

10

CVE-2007-2121

  • EPSS 1.12%
  • Published 18.04.2007 18:19:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the COREid Access component in Oracle Application Server 7.0.4.4 has unknown impact and attack vectors, aka AS02.

10

CVE-2007-2122

  • EPSS 1.12%
  • Published 18.04.2007 18:19:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Wireless component in Oracle Application Server 9.0.4.3 has unknown impact and attack vectors, aka AS03.

10

CVE-2007-2123

  • EPSS 1.12%
  • Published 18.04.2007 18:19:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.3 up to 10.1.3.2.0, 10.1.2 up to 10.1.2.2.0, and 9.0.4.3 has unknown impact and attack vectors, aka AS04.

10

CVE-2007-2124

  • EPSS 1.12%
  • Published 18.04.2007 18:19:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.4.1.0 has unknown impact and remote attack vectors, aka AS05.

9

CVE-2007-2130

  • EPSS 2.08%
  • Published 18.04.2007 18:19:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2, and 10.2.0.1; Application Server 9.0.4.3 and 10.1.2.0.2; Collaboration Suite 10.1.2; and E-Business Suite; has unknown impact and remote authenticat...

4.3

CVE-2007-1609

  • EPSS 0.55%
  • Published 22.03.2007 23:19:00
  • Last modified 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in servlet/Spy in Dynamic Monitoring Services (DMS) in Oracle Application Server (OAS) 10g 10.1.2.0.0 allows remote attackers to inject arbitrary web script or HTML via the table parameter. NOTE: This may be ...

3.5

CVE-2007-0275

  • EPSS 1.04%
  • Published 17.01.2007 02:28:00
  • Last modified 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Oracle Reports Web Cartridge (RWCGI60) in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Su...