CVE-2004-1368

ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.

🔗 References (14)

• cve@mitrehttp://marc.info/?l=bugtraq&m=110382264415387&w=2
• cve@mitrehttp://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1
• cve@mitrehttp://www.kb.cert.org/vuls/id/435974
• cve@mitrehttp://www.ngssoftware.com/advisories/oracle23122004E.txt
• cve@mitrehttp://www.securityfocus.com/bid/10871
• cve@mitrehttp://www.us-cert.gov/cas/techalerts/TA04-245A.html
• cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/18656
• af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=110382264415387&w=2
• af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1
• af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/435974
• af854a3a-2127-422b-91ae-364da2661108http://www.ngssoftware.com/advisories/oracle23122004E.txt
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/10871
• af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA04-245A.html
• af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/18656