CVE-2004-0637

Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle9i:personal_9.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle9i:standard_9.2.0.4:*:*:*:*:*:*:*

History

20 Nov 2024, 23:49

Type Values Removed Values Added
References () http://secunia.com/advisories/12409/ - Patch, Vendor Advisory () http://secunia.com/advisories/12409/ - Patch, Vendor Advisory
References () http://www.idefense.com/application/poi/display?id=136&type=vulnerabilities&flashstatus=true - Patch, Vendor Advisory () http://www.idefense.com/application/poi/display?id=136&type=vulnerabilities&flashstatus=true - Patch, Vendor Advisory
References () http://www.kb.cert.org/vuls/id/316206 - Patch, Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/316206 - Patch, Third Party Advisory, US Government Resource
References () http://www.securityfocus.com/bid/11099 - () http://www.securityfocus.com/bid/11099 -

Information

Published : 2004-09-02 04:00

Updated : 2024-11-20 23:49


NVD link : CVE-2004-0637

Mitre link : CVE-2004-0637

CVE.ORG link : CVE-2004-0637


JSON object : View

Products Affected

oracle

  • oracle9i
  • oracle8i
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')