Intrusion Prevention

Oracle.Business.Transaction.Management.Arbitrary.File.Write

Description

This indicates an attack attempt against an Authentication Bypass vulnerability in Oracle Business Transaction Management Server.
The vulnerabilities are caused by an error when the vulnerable software handles malicious SOAP request. It allows a remote attacker to execute arbitrary code or delete a file via a crafted SOAP request.

Affected Products

Oracle Business Transaction Management Server 12.1.0.2.7

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.