Vulnerability Details CVE-2005-1381
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.517
EPSS Ranking 97.7%
CVSS Severity
CVSS v2 Score 6.8
References
- http://marc.info/?l=bugtraq&m=111472423409560&w=2
- http://secunia.com/advisories/15143
- http://www.osvdb.org/15910
- http://www.red-database-security.com/advisory/oracle_webcache_CSS_vulnerabilities.html
- http://www.securityfocus.com/bid/13421
- http://www.securityfocus.com/bid/13422
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20309
- http://marc.info/?l=bugtraq&m=111472423409560&w=2
- http://secunia.com/advisories/15143
- http://www.osvdb.org/15910
- http://www.red-database-security.com/advisory/oracle_webcache_CSS_vulnerabilities.html
- http://www.securityfocus.com/bid/13421
- http://www.securityfocus.com/bid/13422
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20309
Products affected by CVE-2005-1381
-
cpe:2.3:a:oracle:application_server_web_cache:-
-
cpe:2.3:a:oracle:application_server_web_cache:10.1.2.0.0
-
cpe:2.3:a:oracle:application_server_web_cache:10.1.2.0.2
-
cpe:2.3:a:oracle:application_server_web_cache:10.1.2.2.0
-
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.0
-
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.1
-
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.2
-
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.3
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.0.4.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.2.0.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.2.2.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.2.3.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.3.1.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.4.0.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.4.1.0