Heap-based buffer overflow in Oracle 9i Application Server Web Cache 126.96.36.199.0, 188.8.131.52.0, 184.108.40.206.0, and 220.127.116.11.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities."
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention