1. CVE-Search
  2. CVE-2002-1639
ID CVE-2002-1639
Summary Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive information via a request to the oracle.apps.cz.servlet.UiServlet servlet with the test parameter set to "version" or "host".
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:configurator:11.5.6.16.27:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.6.16.27:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.6.16.36:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.6.16.36:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.6.16.38:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.6.16.38:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.6.16.39:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.6.16.39:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.6.16.45:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.6.16.45:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.6.16.47:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.6.16.47:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.6.16.49:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.6.16.49:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.6.16.52:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.6.16.52:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.6.16.53:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.6.16.53:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.7.17.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.7.17.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.7.17.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.7.17.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.7.17.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.7.17.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.7.17.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.7.17.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.7.17.17:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.7.17.17:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.7.17.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.7.17.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11.5.7.17.31:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11.5.7.17.31:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:configurator:11i:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:configurator:11i:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 26-09-2018 - 16:05)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 4433
cert-vn VU#158323
confirm http://www.oracle.com/technology//deploy/security/htdocs/oconfigvul.html
sectrack 1003967
xf oracle-configurator-uiservlet-information(8782)
Last major update 26-09-2018 - 16:05
Published 01-04-2002 - 05:00
Last modified 26-09-2018 - 16:05
Back to Top