Vulnerability Details CVE-2002-1639
Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive information via a request to the oracle.apps.cz.servlet.UiServlet servlet with the test parameter set to "version" or "host".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://securitytracker.com/id?1003967
- http://www.kb.cert.org/vuls/id/158323
- http://www.oracle.com/technology//deploy/security/htdocs/oconfigvul.html
- http://www.securityfocus.com/bid/4433
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8782
- http://securitytracker.com/id?1003967
- http://www.kb.cert.org/vuls/id/158323
- http://www.oracle.com/technology//deploy/security/htdocs/oconfigvul.html
- http://www.securityfocus.com/bid/4433
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8782
Products affected by CVE-2002-1639
-
cpe:2.3:a:oracle:configurator:11.5.6.16.27
-
cpe:2.3:a:oracle:configurator:11.5.6.16.36
-
cpe:2.3:a:oracle:configurator:11.5.6.16.38
-
cpe:2.3:a:oracle:configurator:11.5.6.16.39
-
cpe:2.3:a:oracle:configurator:11.5.6.16.45
-
cpe:2.3:a:oracle:configurator:11.5.6.16.47
-
cpe:2.3:a:oracle:configurator:11.5.6.16.49
-
cpe:2.3:a:oracle:configurator:11.5.6.16.52
-
cpe:2.3:a:oracle:configurator:11.5.6.16.53
-
cpe:2.3:a:oracle:configurator:11.5.7.17.10
-
cpe:2.3:a:oracle:configurator:11.5.7.17.13
-
cpe:2.3:a:oracle:configurator:11.5.7.17.14
-
cpe:2.3:a:oracle:configurator:11.5.7.17.16
-
cpe:2.3:a:oracle:configurator:11.5.7.17.17
-
cpe:2.3:a:oracle:configurator:11.5.7.17.18
-
cpe:2.3:a:oracle:configurator:11.5.7.17.31
-
cpe:2.3:a:oracle:configurator:11i