mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
82 lines
2.6 KiB
JSON
82 lines
2.6 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2002-0568",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "20020206 Hackproofing Oracle Application Server paper",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://marc.info/?l=bugtraq&m=101301813117562&w=2"
|
|
},
|
|
{
|
|
"name": "CA-2002-08",
|
|
"refsource": "CERT",
|
|
"url": "http://www.cert.org/advisories/CA-2002-08.html"
|
|
},
|
|
{
|
|
"name": "4290",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/4290"
|
|
},
|
|
{
|
|
"name": "http://www.nextgenss.com/papers/hpoas.pdf",
|
|
"refsource": "MISC",
|
|
"url": "http://www.nextgenss.com/papers/hpoas.pdf"
|
|
},
|
|
{
|
|
"name": "VU#476619",
|
|
"refsource": "CERT-VN",
|
|
"url": "http://www.kb.cert.org/vuls/id/476619"
|
|
}
|
|
]
|
|
}
|
|
} |