Vulnerability Details CVE-2002-1630
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send arbitrary emails.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.047
EPSS Ranking 88.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.kb.cert.org/vuls/id/717827
- http://www.kb.cert.org/vuls/id/SVIM-576QLZ
- http://www.nextgenss.com/papers/hpoas.pdf
- http://www.oracle.com/technology/deploy/security/pdf/ias_modplsql_alert.pdf
- http://www.securityfocus.com/bid/6556
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8664
- http://www.kb.cert.org/vuls/id/717827
- http://www.kb.cert.org/vuls/id/SVIM-576QLZ
- http://www.nextgenss.com/papers/hpoas.pdf
- http://www.oracle.com/technology/deploy/security/pdf/ias_modplsql_alert.pdf
- http://www.securityfocus.com/bid/6556
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8664
Products affected by CVE-2002-1630
-
cpe:2.3:a:oracle:application_server:1.0.2
-
cpe:2.3:a:oracle:application_server:1.0.2.1s
-
cpe:2.3:a:oracle:application_server:1.0.2.2
-
cpe:2.3:a:oracle:application_server:9.0.2.0.0
-
cpe:2.3:a:oracle:application_server:9.0.2.0.1