CVE-2002-1639 Information

Description

Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive information via a request to the oracle.apps.cz.servlet.UiServlet servlet with the test parameter set to \version\ or \host.

Reference

http://securitytracker.com/id?1003967 http://www.kb.cert.org/vuls/id/158323 http://www.oracle.com/technology//deploy/security/htdocs/oconfigvul.html http://www.securityfocus.com/bid/4433 https://exchange.xforce.ibmcloud.com/vulnerabilities/8782