CVE-2005-3207

Name of the Vulnerable Software and Affected Versions Oracle Forms version 4.5.10.22

Description The issue allows remote attackers to cause a denial of service, specifically stopping the TNS listener, by exploiting the userid parameter in the forms servlet (f90servlet) with a STOP command.

Recommendations For Oracle Forms version 4.5.10.22, avoid using the userid parameter with commands that could trigger a denial of service, such as the STOP command, until a fix is available. As a temporary workaround, consider restricting access to the forms servlet to minimize the risk of exploitation.