Intrusion Prevention

Oracle9i.OWA_UTIL.Unauthorized.Stored.Procedure.Access

Description

This indicates an attack attempt to exploit an Information Disclosure vulnerability in Oracle 9i Application Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. As a result, a remote attacker can gain unauthorized access to sensitive information.

Affected Products

Oracle 9i Application Server 1.0.2.x

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2002-0560