File Corruption Vulnerability in Oracle Webcache 9i
CVE-2005-1382

Currently unrated

Key Information:

Vendor: Oracle
Status: Application Server Web Cache
Vendor: CVE Published:; 3 May 2005

What is CVE-2005-1382?

A flaw in the webcacheadmin module of Oracle Webcache 9i permits remote attackers to specify a full pathname in the cache_dump_file parameter, leading to the potential corruption of arbitrary files. This vulnerability could allow unauthorized access to critical system files and sensitive data, posing significant risks to the integrity of affected systems. Organizations utilizing Oracle Webcache should take proactive measures to assess their exposure and implement necessary security updates.

References

http://www.red-database-security.com/advisory/oracle_webc...

x_refsource_MISC

http://marc.info/?l=bugtraq&m=111472615519295&w=2

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/15143

third-party-advisoryx_refsource_SECUNIA

EPSS Score

53% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 3, 2005
Vulnerability Reserved
May 2, 2005