Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2004-1368

Published: 04/08/2004 Updated: 11/07/2017
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Subscribe to Oracle

Vulnerability Summary

ISQL*Plus in Oracle 10g Application Server allows remote malicious users to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle application server

oracle application server 9.0.2

oracle application server 9.0.4

oracle application server 9.0.4.0

oracle e-business suite 11.5.5

oracle e-business suite 11.5.6

oracle enterprise manager grid control 10.1.0.2

oracle oracle10g enterprise_10.1.0.2

oracle oracle8i enterprise_8.0.6_.0.1

oracle oracle8i enterprise_8.1.5_.0.0

oracle oracle8i enterprise_8.1.7_.4

oracle oracle8i standard_8.0.6

oracle application server 9.0.2.3

oracle application server 9.0.3

oracle application server 9.0.3.1

oracle e-business suite 11.5.3

oracle e-business suite 11.5.4

oracle enterprise manager 9.0.1

oracle enterprise manager database control 10.1.2

oracle oracle10g standard_9.0.4_.0

oracle oracle8i enterprise_8.0.5_.0.0

oracle oracle8i enterprise_8.0.6_.0.0

oracle oracle8i enterprise_8.1.7_.0.0

oracle oracle8i enterprise_8.1.7_.1.0

oracle oracle8i standard_8.1.7_.0.0

oracle oracle8i standard_8.1.7_.1

oracle oracle9i enterprise_9.2.0

oracle oracle9i enterprise_9.2.0.1

oracle oracle9i personal_9.0.1.4

oracle oracle9i personal_9.0.1.5

oracle oracle9i standard_8.1.7

oracle oracle9i standard_9.0

oracle oracle9i standard_9.2.0.1

oracle oracle9i standard_9.2.0.2

oracle oracle8i standard_8.1.7_.4

oracle oracle9i client_9.2.0.1

oracle oracle9i enterprise_9.2.0.2

oracle oracle9i enterprise_9.2.0.3

oracle oracle9i personal_9.2

oracle oracle9i personal_9.2.0.1

oracle oracle9i standard_9.0.1

oracle oracle9i standard_9.0.1.2

oracle oracle9i standard_9.2.0.3

oracle oracle9i standard_9.2.0.4

oracle application server 9.0.2.0.0

oracle application server 9.0.2.0.1

oracle application server 9.0.4.1

oracle collaboration suite release_1

oracle e-business suite 11.5.7

oracle e-business suite 11.5.8

oracle oracle10g enterprise_9.0.4_.0

oracle oracle10g personal_10.1_.0.2

oracle oracle8i enterprise_8.1.5_.0.2

oracle oracle8i enterprise_8.1.5_.1.0

oracle oracle8i standard_8.0.6_.3

oracle oracle8i standard_8.1.5

oracle oracle9i client_9.2.0.2

oracle oracle9i enterprise_8.1.7

oracle oracle9i enterprise_9.2.0.4

oracle oracle9i enterprise_9.2.0.5

oracle oracle9i personal_9.2.0.2

oracle oracle9i personal_9.2.0.3

oracle oracle9i standard_9.0.1.3

oracle oracle9i standard_9.0.1.4

oracle oracle9i standard_9.0.1.5

oracle oracle9i standard_9.2.0.5

oracle application server 9.0.2.1

oracle application server 9.0.2.2

oracle e-business suite 11.5.1

oracle e-business suite 11.5.2

oracle e-business suite 11.5.9

oracle enterprise manager 9

oracle oracle10g personal_9.0.4_.0

oracle oracle10g standard_10.1_.0.2

oracle oracle8i enterprise_8.1.6_.0.0

oracle oracle8i enterprise_8.1.6_.1.0

oracle oracle8i standard_8.1.6

oracle oracle8i standard_8.1.7

oracle oracle9i enterprise_9.0.1

oracle oracle9i enterprise_9.0.1.4

oracle oracle9i enterprise_9.0.1.5

oracle oracle9i personal_8.1.7

oracle oracle9i personal_9.0.1

oracle oracle9i personal_9.2.0.4

oracle oracle9i personal_9.2.0.5

oracle oracle9i standard_9.0.2

oracle oracle9i standard_9.2

References

NVD-CWE-noinfohttp://www.ngssoftware.com/advisories/oracle23122004E.txthttp://www.us-cert.gov/cas/techalerts/TA04-245A.htmlhttp://www.securityfocus.com/bid/10871http://www.kb.cert.org/vuls/id/435974http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1http://marc.info/?l=bugtraq&m=110382264415387&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/18656https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook