The p_submit_url value in the sample login form in the Oracle 9i Application Server (9iAS) Single Sign-on Administrators Guide, Release 2(9.0.2) for Oracle SSO allows remote attackers to spoof the login page, which could allow users to inadvertently reveal their username and password.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-05-10T04:00:00

Updated: 2024-08-08T01:07:49.072Z

Reserved: 2005-05-04T00:00:00

Link: CVE-2004-1877

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2004-03-30T05:00:00.000

Modified: 2024-11-20T23:51:57.527

Link: CVE-2004-1877

cve-icon Redhat

No data.