CVE-2000-1235 in Oracle9i Application Serverinfo

Summary

The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

07/14/2005

Disclosure

12/31/2000

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
88833	Oracle Oracle9i Application Server mod_plsql information disclosure	200	Not defined	Workaround	CVE-2000-1235
16220	Oracle Internet Application Server HTTP Request sql injection	89	Not defined	Official fix	CVE-2000-1235

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!