← Back

CVE-2004-2244

nvd nist
Published: Dec 31, 2004Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD.

Affected (13)

Oracle
2 products
Application Server
Oracle9i
Configuration A
13 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Application Server
Version 1.0.2.2.2
Application Server
Version 1.0.2.2
Application Server
Version 9.0.3.1
Application Server
Version 9.0.3
Oracle
Oracle9i
Version enterprise_9.0.1.4
Oracle9i
Version enterprise_9.2.0.1
Oracle9i
Version enterprise_9.2.0.2
Oracle9i
Version personal_9.0.1.4
Oracle9i
Version personal_9.2.0.1
Oracle9i
Version personal_9.2.0.2
Oracle9i
Version standard_9.0.1.4
Oracle9i
Version standard_9.2.0.1
Oracle9i
Version standard_9.2.0.2

References (10)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.