Denial of Service Vulnerability in Oracle 9i Application Server and Database Server
CVE-2004-2244

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
31 December 2004

Summary

The XML parser in various versions of Oracle 9i Application Server and Database Server is susceptible to denial of service attacks. Attackers can exploit this vulnerability by sending a specially crafted SOAP message containing a malicious Document Type Definition (DTD), leading to excessive CPU and memory consumption. This can disrupt service availability, impacting operations reliant on the affected products.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.