CVE Details for CVE: CVE-2002-1630
Summary
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send arbitrary emails.
| Timestamps | |
|---|---|
| Last major update | 11-07-2017 - 01:29 |
| Published | 31-12-2002 - 05:00 |
| Last modified | 11-07-2017 - 01:29 |
References
Vulnerable Configurations
-
cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*
CWE
CVSS
Base
7.5
Impact
6.4
Exploitability
10.0
Access
| Vector | Complexity | Authentication |
|---|---|---|
| NETWORK | LOW | NONE |
Impact
| Confidentiality | Integrity | Availability |
|---|---|---|
| PARTIAL | PARTIAL | PARTIAL |
CVSS3
None
VIA4 references
cvss-vector
via4
refmap
via4
| bid | 6556 |
| cert-vn | VU#717827 |
| confirm | |
| misc | http://www.nextgenss.com/papers/hpoas.pdf |
| xf | oracle-appserver-sendmail-sample(8664) |