5 - CVE-2002-0560

Executive Summary

Informations
Name	CVE-2002-0560	First vendor Publication	2002-07-03
Vendor	Cve	Last vendor Modification	2016-10-18

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listprint, or (3) OWA_UTIL.show_query_columns.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0560

CPE : Common Platform Enumeration

Type	Description	Count
Application	Oracle Application Server cpe:2.3:a:oracle:application_server:1.0.2:::::::*	1
Application	Oracle Application Server Web Cache cpe:2.3:a:oracle:application_server_web_cache:2.0.0.3:::::::* cpe:2.3:a:oracle:application_server_web_cache:2.0.0.2:::::::* cpe:2.3:a:oracle:application_server_web_cache:2.0.0.1:::::::* cpe:2.3:a:oracle:application_server_web_cache:2.0.0.0:::::::*	4
Application	Oracle oracle8i cpe:2.3:a:oracle:oracle8i:8.1.7.1:::::::* cpe:2.3:a:oracle:oracle8i:8.1.7:::::::*	2
Application	Oracle oracle9i cpe:2.3:a:oracle:oracle9i:9.0.1:::::::* cpe:2.3:a:oracle:oracle9i:9.0:::::::*	2

OpenVAS Exploits

Date	Description
2005-11-03	Name : Oracle 9iAS OWA UTIL access File : nvt/oracle9i_owautil.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
9471	Oracle Application Server PL/SQL Module OWA_UTIL Stored Procedures Informatio...

Snort® IPS/IDS

Date	Description
2019-09-10	Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50926 - Revision : 1 - Type : SERVER-WEBAPP
2019-09-10	Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50925 - Revision : 1 - Type : SERVER-WEBAPP
2019-09-10	Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50924 - Revision : 1 - Type : SERVER-WEBAPP
2019-09-10	Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50923 - Revision : 1 - Type : SERVER-WEBAPP
2019-09-10	Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50922 - Revision : 1 - Type : SERVER-WEBAPP
2019-09-10	Oracle 9i Application Server OWA_UTIL information disclosure attempt RuleID : 50921 - Revision : 1 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date	Description
2012-01-24	Name : The remote web server may be affected by multiple vulnerabilities. File : oracle_application_server_pci.nasl - Type : ACT_GATHER_INFO
2003-02-11	Name : Sensitive data may be accessed on the remote host. File : oracle9i_owautil.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/4294
BUGTRAQ	http://marc.info/?l=bugtraq&m=101301813117562&w=2
CERT	http://www.cert.org/advisories/CA-2002-08.html
CERT-VN	http://www.kb.cert.org/vuls/id/307835
CONFIRM	http://otn.oracle.com/deploy/security/pdf/ias_modplsql_alert.pdf
MISC	http://www.nextgenss.com/papers/hpoas.pdf

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-05-04 12:01:41	Multiple Updates
2021-04-22 01:01:49	Multiple Updates
2020-05-23 00:14:59	Multiple Updates
2016-10-18 12:01:01	Multiple Updates
2014-02-17 10:24:42	Multiple Updates
2013-05-11 12:09:57	Multiple Updates

Type	Count
CPE ID(s)	9
Sources(s)	6
osvdb(s)	1
Openvas Exploit(s)	1
Snort® Rule(s)	6
Nessus® Exploit(s)	2

5 - CVE-2002-0560

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU