Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0126


Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0126
Last Modified 07 Mar 2011 09:04:39
Published 12 Mar 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Oracle XSQL servlet and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet.

Vulnerable Systems


  • Oracle8i 8.1.7


BUGTRAQ - 20010109 Oracle XSQL servlet and xml-stylesheet allow executing java on the web server

XF - oracle-xsql-execute-code(5905)

BUGTRAQ - 20010123 Patch for Potential Vulnerability in Oracle XSQL Servlet

Last Updated: 27 May 2016 10:36:08