Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-0836

4 documents4 sources
Severity
7.5HIGH
EPSS
22.8%
top 4.13%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle Application Server WEB Cache
Timeline
PublishedDec 6
Latest updateApr 30

Description

Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDoracle/application2.0.0.1

🔴Vulnerability Details

2
GHSA
GHSA-jff3-2vxf-7gwc: Buffer overflow in Oracle9iAS Web Cache 22022-04-30
CVEList
CVE-2001-0836: Buffer overflow in Oracle9iAS Web Cache 22002-03-09

💥Exploits & PoCs

1
Exploit-DB
Oracle9iAS Web Cache 2.0 - Remote Buffer Overflow2001-10-18