Remote Code Execution Vulnerability in Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2)

CVE-2004-1877 · LOW Severity

AV:N/AC:H/AU:N/C:P/I:N/A:N

The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password.

Learn more about our Cis Benchmark Audit For Server Software.