CVE-2004-1362

NONECVSS 0.0

0.0

The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters.

🔗 References (16)

cve@mitrehttp://marc.info/?l=bugtraq&m=110382306006205&w=2
cve@mitrehttp://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1
cve@mitrehttp://www.kb.cert.org/vuls/id/435974
cve@mitrehttp://www.ngssoftware.com/advisories/oracle23122004G.txt
cve@mitrehttp://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf
cve@mitrehttp://www.securityfocus.com/bid/10871
cve@mitrehttp://www.us-cert.gov/cas/techalerts/TA04-245A.html
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/18657
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=110382306006205&w=2
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/435974
af854a3a-2127-422b-91ae-364da2661108http://www.ngssoftware.com/advisories/oracle23122004G.txt
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/10871
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA04-245A.html

Is Your Infrastructure Affected by CVE-2004-1362?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2004-1362

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2004-1362?