VDB
CVE-2001-1217
CVE-2001-1217
PUBLISHED
CVSS 5 MEDIUM
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences.
EPSS 6.55% · 91.3th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
6.55%
91.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| oracle | application_server | 1.0.2 |
Timeline
- Dec 21, 2001 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Jul 24, 2023 EPSS Score
References
- 3727 vdb
- VU#758483 third-party-advisory
- oracle-appserver-modplsql-traversal(7728) vdb
- http://otn.oracle.com/deploy/security/pdf/modplsql.pdf url
- 20011221 Buffer Overflow in Oracle 9iAS (#NISR20122001) mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2001-1217 advisory