2003-04-02 05:00:00
mitre
PUBLISHED
Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet).