Oracle Application Server Other Vulnerability - CVE-2002-1635 - Vulnerability Database

Oracle Application Server Other Vulnerability - CVE-2002-1635

Medium
Reference: CVE-2002-1635
Title: Oracle Application Server Other Vulnerability
Overview:

The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias which allows remote attackers to read the source code of arbitrary CGI files via a URL containing the /perl directory instead of /cgi-bin.