Oracle Secure Enterprise Search 'search_p_groups' Parameter Cross Site Scripting Vulnerability

Bugtraq ID: 35681
Class: Input Validation Error
CVE: CVE-2009-1968
Remote: Yes
Local: No
Published: Jul 14 2009 12:00AM
Updated: Jul 17 2009 05:06PM
Credit: Alexandr Polyakov of Digital Security Research Group
Vulnerable: Oracle Secure Enterprise Search 10g 10.1.8 .2.0
Oracle Oracle10g Standard Edition 10.2 .3
Oracle Oracle10g Standard Edition 10.2.0.4
Oracle Oracle10g Personal Edition 10.2 .3
Oracle Oracle10g Personal Edition 10.2.0.4
Oracle Oracle10g Enterprise Edition 10.2 .3
Oracle Oracle10g Enterprise Edition 10.2.0.4
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus