Information Disclosure in Oracle Configurator by Oracle
CVE-2002-1639

Currently unrated

Key Information:

Vendor

Oracle
Status
Configurator
Vendor
CVE Published:
1 April 2002

What is CVE-2002-1639?

Oracle Configurator before specific versions allows remote attackers to gain access to sensitive information. This occurs through a crafted request to the oracle.apps.cz.servlet.UiServlet servlet with parameters set to 'version' or 'host'. As a consequence, attackers can exploit this flaw to retrieve critical information that may aid in further attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/4433
vdb-entryx_refsource_BID
http://www.kb.cert.org/vuls/id/158323
third-party-advisoryx_refsource_CERT-VN
http://securitytracker.com/id?1003967
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.