Threat Encyclopedia

Oracle9i.Application.Server.OracleJSP.Information.Disclosure

description-logoDescription

This indicates an attack attempt to exploit an Information Disclosure vulnerability in Oracle 9i Application Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. As a result, a remote attacker can gain unauthorized access to sensitive information by making a direct request to globals.jsa.

affected-products-logoAffected Products

Oracle Oracle9i Application Server Web Cache 2.0.x

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's website for suggested workaround.

CVE References

CVE-2002-0562