Access Restriction Bypass in Oracle Web Listener
CVE-1999-1547

Currently unrated

Key Information:

Vendor: Oracle
Status: Web Listener
Vendor: CVE Published:; 25 November 1999

What is CVE-1999-1547?

Oracle Web Listener 2.1 presents a security vulnerability that enables remote attackers to circumvent established access restrictions. This is accomplished by substituting a character in the URL with its HTTP-encoded (hex) equivalent, potentially allowing unauthorized access to restricted resources. It is critical for organizations using this product to implement appropriate security measures to mitigate this risk.

References

http://marc.info/?l=ntbugtraq&m=94390053530890&w=2

mailing-listx_refsource_NTBUGTRAQ

http://marc.info/?l=bugtraq&m=94359982417686&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/841

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
Nov 25, 1999