Oracle.Application.Server.10g.OPMN.Service.Format.String
Description
This indicates an attack attempt against a format-string vulnerability in Oracle Application Server.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP request. It allows a remote attacker to execute arbitrary code.
Affected Products
Oracle Application Server 10g 10.1.2.3
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch, available from the vendor's web site:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2018-10-16 | 13.473 | Sig Added |