Published: 04/08/2004 Updated: 11/07/2017

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Stack-based buffer overflow in Oracle 9i and 10g allows remote malicious users to execute arbitrary code via a long token in the text of a wrapped procedure.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle application server 9.0.2.1
oracle application server 9.0.2.2
oracle collaboration suite release_1
oracle database server 9i_application_server
oracle e-business suite 11.5.7
oracle e-business suite 11.5.8
oracle oracle10g personal_10.1_.0.2
oracle oracle10g personal_9.0.4_.0
oracle oracle8i enterprise_8.1.5_.0.2
oracle oracle8i enterprise_8.1.5_.1.0
oracle oracle8i standard_8.0.6_.3
oracle oracle8i standard_8.1.5
oracle oracle9i enterprise_8.1.7
oracle oracle9i enterprise_9.0.1
oracle oracle9i enterprise_9.2.0.4
oracle oracle9i enterprise_9.2.0.5
oracle oracle9i personal_9.2.0.2
oracle oracle9i personal_9.2.0.3
oracle oracle9i personal_9.2.0.4
oracle oracle9i standard_9.0.1.4
oracle oracle9i standard_9.0.1.5
oracle oracle9i standard_9.2.0.5
oracle application server 9.0.2.3
oracle application server 9.0.3
oracle e-business suite 11.5.1
oracle e-business suite 11.5.2
oracle e-business suite 11.5.9
oracle enterprise manager 9
oracle oracle10g standard_10.1_.0.2
oracle oracle10g standard_9.0.4_.0
oracle oracle8i enterprise_8.1.6_.0.0
oracle application server 9.0.2
oracle application server 9.0.2.0.0
oracle application server 9.0.2.0.1
oracle application server 9.0.4.0
oracle application server 9.0.4.1
oracle e-business suite 11.5.5
oracle e-business suite 11.5.6
oracle oracle10g enterprise_10.1.0.2
oracle oracle10g enterprise_9.0.4_.0
oracle oracle8i enterprise_8.0.6_.0.1
oracle oracle8i enterprise_8.1.5_.0.0
oracle oracle8i enterprise_8.1.7_.4
oracle oracle8i standard_8.0.6
oracle oracle9i client_9.2.0.1
oracle oracle9i client_9.2.0.2
oracle oracle9i enterprise_9.2.0.2
oracle oracle9i enterprise_9.2.0.3
oracle oracle9i personal_9.2
oracle oracle9i personal_9.2.0.1
oracle oracle9i standard_9.0.1.2
oracle oracle9i standard_9.0.1.3
oracle oracle9i standard_9.2.0.3
oracle oracle9i standard_9.2.0.4
oracle oracle8i enterprise_8.1.6_.1.0
oracle oracle8i standard_8.1.6
oracle oracle8i standard_8.1.7
oracle oracle8i standard_8.1.7_.0.0
oracle oracle9i enterprise_9.0.1.4
oracle oracle9i enterprise_9.0.1.5
oracle oracle9i personal_8.1.7
oracle oracle9i personal_9.0.1
oracle oracle9i personal_9.2.0.5
oracle oracle9i standard_8.1.7
oracle oracle9i standard_9.0.2
oracle oracle9i standard_9.2
oracle application server
oracle application server 9.0.3.1
oracle application server 9.0.4
oracle e-business suite 11.5.3
oracle e-business suite 11.5.4
oracle enterprise manager 9.0.1
oracle enterprise manager database control 10.1.2
oracle enterprise manager grid control 10.1.0.2
oracle oracle8i enterprise_8.0.5_.0.0
oracle oracle8i enterprise_8.0.6_.0.0
oracle oracle8i enterprise_8.1.7_.0.0
oracle oracle8i enterprise_8.1.7_.1.0
oracle oracle8i standard_8.1.7_.1
oracle oracle8i standard_8.1.7_.4
oracle oracle9i enterprise_9.2.0
oracle oracle9i enterprise_9.2.0.1
oracle oracle9i personal_9.0.1.4
oracle oracle9i personal_9.0.1.5
oracle oracle9i standard_9.0
oracle oracle9i standard_9.0.1
oracle oracle9i standard_9.2.0.1
oracle oracle9i standard_9.2.0.2

CWE-119 http://www.ngssoftware.com/advisories/oracle23122004J.txt http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf http://www.us-cert.gov/cas/techalerts/TA04-245A.html http://www.securityfocus.com/bid/10871 http://www.kb.cert.org/vuls/id/316206 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 http://marc.info/?l=bugtraq&m=110382570313035&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18666 https://nvd.nist.gov

Get Started

CVE-2004-1371

Vulnerability Summary

References

Vulmon Search

About

Products

Connect