Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.5
CVSSv2

CVE-2004-1338

Published: 23/12/2004 Updated: 11/07/2017
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
VMScore: 578
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Oracle9i

Vulnerability Summary

The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the SDO_CMT_DBK_FN_TABLE and SDO_CMT_CBK_DML_TABLE, then performing a DELETE on the SDO_TXN_IDX_INSERTS table, which causes the SDO_CMT_CBK_TRIG trigger to execute the user-supplied functions.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle oracle9i 9.0.1.2

oracle oracle9i 9.0.1.3

oracle oracle9i 9.0.2.3

oracle oracle9i 9.2.0.1

oracle oracle9i 9.0.1.4

oracle oracle9i 9.0.2

oracle oracle9i 9.2.0.2

oracle database server 10.2.1

oracle oracle9i 9.0.2.0.0

oracle oracle9i 9.0.2.0.1

oracle oracle9i 9.0

oracle oracle9i 9.0.1

oracle oracle9i 9.0.2.1

oracle oracle9i 9.0.2.2

References

CWE-264http://www.ngssoftware.com/advisories/oracle23122004I.txthttp://marc.info/?l=bugtraq&m=110382230614420&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/18655https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook