7.8

CVE-2004-1368

ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.

Data is provided by the National Vulnerability Database (NVD)
OracleApplication Server Version9.0.2
OracleApplication Server Version9.0.2.0.0
OracleApplication Server Version9.0.2.0.1
OracleApplication Server Version9.0.2.1
OracleApplication Server Version9.0.2.2
OracleApplication Server Version9.0.2.3
OracleApplication Server Version9.0.3
OracleApplication Server Version9.0.3.1
OracleApplication Server Version9.0.4
OracleApplication Server Version9.0.4.0
OracleApplication Server Version9.0.4.1
OracleCollaboration Suite Versionrelease_1
OracleE-business Suite Version11.5.1
OracleE-business Suite Version11.5.2
OracleE-business Suite Version11.5.3
OracleE-business Suite Version11.5.4
OracleE-business Suite Version11.5.5
OracleE-business Suite Version11.5.6
OracleE-business Suite Version11.5.7
OracleE-business Suite Version11.5.8
OracleE-business Suite Version11.5.9
OracleEnterprise Manager Version9
OracleEnterprise Manager Version9.0.1
OracleOracle10g Versionenterprise_9.0.4_.0
OracleOracle10g Versionenterprise_10.1.0.2
OracleOracle10g Versionpersonal_9.0.4_.0
OracleOracle10g Versionpersonal_10.1_.0.2
OracleOracle10g Versionstandard_9.0.4_.0
OracleOracle10g Versionstandard_10.1_.0.2
OracleOracle8i Versionenterprise_8.0.5_.0.0
OracleOracle8i Versionenterprise_8.0.6_.0.0
OracleOracle8i Versionenterprise_8.0.6_.0.1
OracleOracle8i Versionenterprise_8.1.5_.0.0
OracleOracle8i Versionenterprise_8.1.5_.0.2
OracleOracle8i Versionenterprise_8.1.5_.1.0
OracleOracle8i Versionenterprise_8.1.6_.0.0
OracleOracle8i Versionenterprise_8.1.6_.1.0
OracleOracle8i Versionenterprise_8.1.7_.0.0
OracleOracle8i Versionenterprise_8.1.7_.1.0
OracleOracle8i Versionenterprise_8.1.7_.4
OracleOracle8i Versionstandard_8.0.6
OracleOracle8i Versionstandard_8.0.6_.3
OracleOracle8i Versionstandard_8.1.5
OracleOracle8i Versionstandard_8.1.6
OracleOracle8i Versionstandard_8.1.7
OracleOracle8i Versionstandard_8.1.7_.0.0
OracleOracle8i Versionstandard_8.1.7_.1
OracleOracle8i Versionstandard_8.1.7_.4
OracleOracle9i Versionclient_9.2.0.1
OracleOracle9i Versionclient_9.2.0.2
OracleOracle9i Versionenterprise_8.1.7
OracleOracle9i Versionenterprise_9.0.1
OracleOracle9i Versionenterprise_9.0.1.4
OracleOracle9i Versionenterprise_9.0.1.5
OracleOracle9i Versionenterprise_9.2.0
OracleOracle9i Versionenterprise_9.2.0.1
OracleOracle9i Versionenterprise_9.2.0.2
OracleOracle9i Versionenterprise_9.2.0.3
OracleOracle9i Versionenterprise_9.2.0.4
OracleOracle9i Versionenterprise_9.2.0.5
OracleOracle9i Versionpersonal_8.1.7
OracleOracle9i Versionpersonal_9.0.1
OracleOracle9i Versionpersonal_9.0.1.4
OracleOracle9i Versionpersonal_9.0.1.5
OracleOracle9i Versionpersonal_9.2
OracleOracle9i Versionpersonal_9.2.0.1
OracleOracle9i Versionpersonal_9.2.0.2
OracleOracle9i Versionpersonal_9.2.0.3
OracleOracle9i Versionpersonal_9.2.0.4
OracleOracle9i Versionpersonal_9.2.0.5
OracleOracle9i Versionstandard_8.1.7
OracleOracle9i Versionstandard_9.0
OracleOracle9i Versionstandard_9.0.1
OracleOracle9i Versionstandard_9.0.1.2
OracleOracle9i Versionstandard_9.0.1.3
OracleOracle9i Versionstandard_9.0.1.4
OracleOracle9i Versionstandard_9.0.1.5
OracleOracle9i Versionstandard_9.0.2
OracleOracle9i Versionstandard_9.2
OracleOracle9i Versionstandard_9.2.0.1
OracleOracle9i Versionstandard_9.2.0.2
OracleOracle9i Versionstandard_9.2.0.3
OracleOracle9i Versionstandard_9.2.0.4
OracleOracle9i Versionstandard_9.2.0.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 5.3% 0.89
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:C/I:N/A:N
http://www.us-cert.gov/cas/techalerts/TA04-245A.html
Patch
Third Party Advisory
US Government Resource