CVE-2004-1877
published 2004-03-30CVE-2004-1877: The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO…
low2.6CVSS 3.1
AVNACHAuNCPINAN
The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | application_server | — | — |
| oracle | http_server | — | — |
| oracle | http_server | — | — |
| oracle | http_server | — | — |