CVE-2004-1368

Published: Jan 19, 2005

Modified: Aug 8, 2024

PUBLISHED

Description

ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

oracle-isqlplus-file-access(18656)

vdb-entry

x_refsource_XF

20041223 Oracle ISQLPlus file access vulnerability (#NISR2122004E)

mailing-list

x_refsource_BUGTRAQ

http://www.ngssoftware.com/advisories/oracle23122004E.txt

x_refsource_MISC

VU#435974

third-party-advisory

x_refsource_CERT-VN

TA04-245A

third-party-advisory

x_refsource_CERT

10871

vdb-entry

x_refsource_BID

101782

vendor-advisory

x_refsource_SUNALERT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2004-1368

Description

Affected Products

References