PL/SQL Module Vulnerability in Oracle Application Server
CVE-2002-0560

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle9i; Application Server Web Cache; Oracle8i; Application Server
Vendor: CVE Published:; 3 July 2002

What is CVE-2002-0560?

The vulnerability in the PL/SQL module of Oracle 9i Application Server 1.0.2.x allows remote attackers to exploit specific stored procedures in the OWA_UTIL package. This exploitation can lead to the unauthorized disclosure of sensitive information, including potentially sensitive signatures and query results, compromising the confidentiality of the data managed by the server.

References

http://marc.info/?l=bugtraq&m=101301813117562&w=2

mailing-listx_refsource_BUGTRAQ

http://www.kb.cert.org/vuls/id/307835

third-party-advisoryx_refsource_CERT-VN

http://www.cert.org/advisories/CA-2002-08.html

third-party-advisoryx_refsource_CERT

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2002
Vulnerability Reserved
Jun 7, 2002