CVE-2002-0568
First published: Tue Jun 11 2002(Updated: )
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Oracle9i | =9.0.1 | |
| Oracle Oracle9i | =9.0 | |
| Oracle Oracle8i | =8.1.7.1 | |
| Oracle Oracle8i | =8.1.7 | |
| Oracle Application Server | =1.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- vendor/oracle
- product/oracle9i
- canonical/oracle oracle9i
- product/oracle8i
- canonical/oracle oracle8i
- product/application server
- canonical/oracle application server
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/softwarecombine
- agent/remedy
- agent/first-publish-date
- agent/event
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- version/oracle oracle9i/9.0.1
- version/oracle oracle9i/9.0
- version/oracle oracle8i/8.1.7.1
- version/oracle oracle8i/8.1.7
- version/oracle application server/1.0.2