Vulnerabilities > Oracle > Internet Directory
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-01 | CVE-2019-0227 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. | 7.5 |
| 2018-08-02 | CVE-2018-8032 | Cross-site Scripting vulnerability in multiple products Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. | 6.1 |
| 2018-01-18 | CVE-2018-2601 | Unspecified vulnerability in Oracle Internet Directory 11.1.1.7.0/11.1.1.9.0/12.2.1.3.0 Vulnerability in the Oracle Internet Directory component of Oracle Fusion Middleware (subcomponent: Oracle Directory Services Manager). network oracle | 6.0 |
| 2001-07-17 | CVE-2001-0974 | Unspecified vulnerability in Oracle Internet Directory 2.1.1/3.0.1 Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | 7.5 |
| 2001-07-16 | CVE-2001-1321 | Denial-Of-Service vulnerability in Internet Directory 2.1.1/3.0.1 Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite. | 7.5 |
| 2001-07-16 | CVE-2001-0975 | Buffer Overflow vulnerability in Oracle Internet Directory 2.1.1/3.0.1 Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | 7.5 |
| 2001-06-02 | CVE-2001-0300 | Local Security vulnerability in Oracle Internet Directory 2.1.1.1 oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack. | 2.1 |
| 2000-12-19 | CVE-2000-0987 | Unspecified vulnerability in Oracle Internet Directory and Oracle8I Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter. | 4.6 |