File Disclosure Vulnerability in Oracle Application Server Discussion Forum Portlet
CVE-2005-4550

Currently unrated

Key Information:

Vendor

Oracle
Status
Application Server Discussion Forum Portlet
Vendor
CVE Published:
28 December 2005

What is CVE-2005-4550?

A file disclosure vulnerability exists in the PORTAL schema of the Oracle Application Server Discussion Forum Portlet. Remote attackers can exploit this flaw by manipulating the 'df_next_page' parameter, appending a trailing null byte (%00) to their request. This exploitation allows unauthorized access to the source code of JSP files and potentially sensitive information, posing a significant risk to the integrity of the server and user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=full-disclosure&m=113532633229270&w=2
mailing-listx_refsource_FULLDISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/23813
vdb-entryx_refsource_XF
http://www.vupen.com/english/advisories/2005/3085
vdb-entryx_refsource_VUPEN

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.