Oracle 9i Application Server DAV_PUBLIC Format String Vulnerability

A vulnerability has been reported for Oracle 9i Application Server involving its DAV functionality.

Reportedly, an attacker may be able to exploit an issue with Oracle's DAV support web folder and execute arbitrary code. This is due to an exploitable format string error in the mod_dav module.


Privacy Statement
Copyright 2010, SecurityFocus