7.5
CVSSv2

CVE-2004-1370

Published: 04/08/2004 Updated: 11/07/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote malicious users to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COMPLETE_ACL_SNAPSHOT, (5) WK_ACL.DELETE_ACLS_WITH_STATEMENT, or (6) DRILOAD.VALIDATE_STMT.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle application server

oracle application server 9.0.2

oracle application server 9.0.3.1

oracle application server 9.0.4

oracle e-business suite 11.5.4

oracle e-business suite 11.5.5

oracle enterprise manager grid control 10.1.0.2

oracle oracle10g enterprise_10.1.0.2

oracle oracle8i enterprise_8.0.6_.0.0

oracle oracle8i enterprise_8.0.6_.0.1

oracle oracle8i enterprise_8.1.7_.1.0

oracle oracle8i enterprise_8.1.7_.4

oracle oracle8i standard_8.0.6

oracle oracle8i standard_8.1.7_.4

oracle oracle9i client_9.2.0.1

oracle oracle9i enterprise_9.2.0.1

oracle oracle9i enterprise_9.2.0.2

oracle oracle9i personal_9.0.1.5

oracle oracle9i personal_9.2

oracle oracle9i personal_9.2.0.1

oracle oracle9i standard_9.0.1

oracle oracle9i standard_9.0.1.2

oracle oracle9i standard_9.2.0.2

oracle oracle9i standard_9.2.0.3

oracle application server 9.0.2.0.0

oracle application server 9.0.2.0.1

oracle application server 9.0.4.0

oracle application server 9.0.4.1

oracle e-business suite 11.5.6

oracle e-business suite 11.5.7

oracle e-business suite 11.5.8

oracle oracle10g enterprise_9.0.4_.0

oracle oracle10g personal_10.1_.0.2

oracle oracle8i enterprise_8.1.5_.0.0

oracle oracle8i enterprise_8.1.5_.0.2

oracle oracle8i standard_8.0.6_.3

oracle oracle8i standard_8.1.5

oracle oracle9i client_9.2.0.2

oracle oracle9i enterprise_8.1.7

oracle oracle9i enterprise_9.2.0.3

oracle oracle9i enterprise_9.2.0.4

oracle oracle9i personal_9.2.0.2

oracle oracle9i personal_9.2.0.3

oracle oracle9i standard_9.0.1.3

oracle oracle9i standard_9.0.1.4

oracle oracle9i standard_9.2.0.4

oracle oracle9i standard_9.2.0.5

oracle application server 9.0.2.3

oracle application server 9.0.3

oracle e-business suite 11.5.2

oracle e-business suite 11.5.3

oracle enterprise manager 9.0.1

oracle enterprise manager database control 10.1.2

oracle oracle10g standard_9.0.4_.0

oracle oracle8i enterprise_8.0.5_.0.0

oracle oracle8i enterprise_8.1.6_.1.0

oracle oracle8i enterprise_8.1.7_.0.0

oracle oracle8i standard_8.1.7_.0.0

oracle oracle8i standard_8.1.7_.1

oracle oracle9i enterprise_9.0.1.5

oracle oracle9i enterprise_9.2.0

oracle oracle9i personal_9.0.1

oracle oracle9i personal_9.0.1.4

oracle oracle9i standard_8.1.7

oracle oracle9i standard_9.0

oracle oracle9i standard_9.2

oracle oracle9i standard_9.2.0.1

oracle application server 9.0.2.1

oracle application server 9.0.2.2

oracle collaboration suite release_1

oracle e-business suite 11.5.1

oracle e-business suite 11.5.9

oracle enterprise manager 9

oracle oracle10g personal_9.0.4_.0

oracle oracle10g standard_10.1_.0.2

oracle oracle8i enterprise_8.1.5_.1.0

oracle oracle8i enterprise_8.1.6_.0.0

oracle oracle8i standard_8.1.6

oracle oracle8i standard_8.1.7

oracle oracle9i enterprise_9.0.1

oracle oracle9i enterprise_9.0.1.4

oracle oracle9i enterprise_9.2.0.5

oracle oracle9i personal_8.1.7

oracle oracle9i personal_9.2.0.4

oracle oracle9i personal_9.2.0.5

oracle oracle9i standard_9.0.1.5

oracle oracle9i standard_9.0.2