Gravedad: Crítico
  Identificadores de CVE : CVE-2004-385
  Fecha recomendada: 21 de julio de 2015


Heap-based buffer overflow in Oracle 9i Application Server Web Cache,,, and allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities."

  Revelación de la información

Apply associated Trend Micro DPI Rules.


  Trend Micro Deep Security DPI Rule Number: 1000552
  Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention

  Software y versión afectados

  • Oracle Application Server