Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-0287 — Oracle Application Server vulnerability

5 documents5 sources

Severity

10.0CRITICALNVD

EPSS

53.2%

top 2.02%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Oracle Application Server Oracle Database Server

Timeline

PublishedJan 18

Latest updateMay 1

Description

Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and Application Server 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS02.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDoracle/database_server10.1.0.5

▶NVDoracle/application_server10.1.2.0.2

🔴Vulnerability Details

GHSA

GHSA-7q2v-35h7-fg25: Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10↗2022-05-01

▶

CVEList

CVE-2006-0287: Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10↗2006-01-18

▶

💥Exploits & PoCs

Exploit-DB

Oracle Database Server 9i/10g - 'XML' Local Buffer Overflow↗2006-01-26

▶

💬Community

Bugzilla

CVE-2006-4096 INSIST failure in ISC BIND recursive query↗2009-04-07

▶