CVE-2004-2244 Information

Description

The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1 9.0.2.3 and earlier and Release 1 1.0.2.2 and 1.0.2.2.2 and Database Server Release 2 9.2.0.1 and later allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD.

Reference

http://otn.oracle.com/deploy/security/pdf/2004alert65.pdf http://secunia.com/advisories/10936 http://www.osvdb.org/4011 http://www.securityfocus.com/bid/9703 https://exchange.xforce.ibmcloud.com/vulnerabilities/15270