CVE

Id
8813  
CVE No.
CVE-2004-0385  
Status
Candidate  
Description
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities."  
Phase
Assigned (20040406)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
55703 8813 CVE-2004-0385 VULNWATCH:20040408 Heap Overflow in Oracle 9iAS / 10g Application Server Web Cache  View
55704 8813 CVE-2004-0385 URL:http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0078.html  View
55705 8813 CVE-2004-0385 BUGTRAQ:20040408 Heap Overflow in Oracle 9iAS / 10g Application Server Web Cache  View
55706 8813 CVE-2004-0385 URL:http://marc.info/?l=bugtraq&m=108144419001770&w=2  View
55707 8813 CVE-2004-0385 MISC:http://www.inaccessnetworks.com/ian/services/secadv01.txt  View
55708 8813 CVE-2004-0385 BUGTRAQ:20040316 new security alert #66 issued in Oracle web cache  View
55709 8813 CVE-2004-0385 URL:http://marc.info/?l=bugtraq&m=107945649127635&w=2  View
55710 8813 CVE-2004-0385 CONFIRM:http://otn.oracle.com/deploy/security/pdf/2004alert66.pdf  View
55711 8813 CVE-2004-0385 CERT-VN:VU#413006  View
55712 8813 CVE-2004-0385 URL:http://www.kb.cert.org/vuls/id/413006  View
55713 8813 CVE-2004-0385 BID:9868  View
55714 8813 CVE-2004-0385 URL:http://www.securityfocus.com/bid/9868  View
55715 8813 CVE-2004-0385 OSVDB:4249  View
55716 8813 CVE-2004-0385 URL:http://www.osvdb.org/4249  View
55717 8813 CVE-2004-0385 SECUNIA:11118  View
55718 8813 CVE-2004-0385 URL:http://secunia.com/advisories/11118  View
55719 8813 CVE-2004-0385 XF:oracle-web-cache-vulnerabilities(15463)  View

Related JVN