Oracle HTTP Server 12.1.3.0

CPE Details

Oracle HTTP Server 12.1.3.0
oracle
http_server
12.1.3.0
2020-08-25
13h20 +00:00
2020-08-25
13h20 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:http_server:12.1.3.0:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

http_server

Version

12.1.3.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-5360 2020-12-16 15h50 +00:00 Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems.
7.5
High
CVE-2018-20843 2019-06-24 14h06 +00:00 In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
7.5
High
CVE-2016-3482 2016-07-21 08h00 +00:00 Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 and 12.1.3.0 allows remote attackers to affect confidentiality via vectors related to SSL/TLS Module.
3.7
Low
CVE-2014-0226 2014-07-20 08h00 +00:00 Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.
6.8
CVE-2013-5704 2014-04-15 08h00 +00:00 The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."
5
CVE-2013-6438 2014-03-18 00h00 +00:00 The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service (daemon crash) via a crafted DAV WRITE request.
5
CVE-2014-0098 2014-03-18 00h00 +00:00 The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation fault and daemon crash) via a crafted cookie that is not properly handled during truncation.
5
CVE-2013-1862 2013-06-10 15h00 +00:00 mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
5.1