Vulnerability Details CVE-2005-1382
The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.538
EPSS Ranking 97.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=111472615519295&w=2
- http://secunia.com/advisories/15143
- http://www.osvdb.org/15909
- http://www.red-database-security.com/advisory/oracle_webcache_append_file_vulnerabilitiy.html
- http://www.securityfocus.com/bid/13420
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20310
- http://marc.info/?l=bugtraq&m=111472615519295&w=2
- http://secunia.com/advisories/15143
- http://www.osvdb.org/15909
- http://www.red-database-security.com/advisory/oracle_webcache_append_file_vulnerabilitiy.html
- http://www.securityfocus.com/bid/13420
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20310
Products affected by CVE-2005-1382
-
cpe:2.3:a:oracle:application_server_web_cache:-
-
cpe:2.3:a:oracle:application_server_web_cache:10.1.2.0.0
-
cpe:2.3:a:oracle:application_server_web_cache:10.1.2.0.2
-
cpe:2.3:a:oracle:application_server_web_cache:10.1.2.2.0
-
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.0
-
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.1
-
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.2
-
cpe:2.3:a:oracle:application_server_web_cache:2.0.0.3
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.0.4.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.2.0.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.2.2.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.2.3.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.3.1.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.4.0.0
-
cpe:2.3:a:oracle:application_server_web_cache:9.0.4.1.0