CVE-2004-1363
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
Affected (33)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions | |
| All versions | |
| Version 10.1.0.2 | |
| Version 11.5.1 | |
| Version 9.0.1 | |
| Version 10.1.2 | |
| Version 10.1.0.2 |
References (16)
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Broken LinkPatchVendor Advisory
Source: cve@mitre.org
Broken LinkPatchVendor Advisory
Source: cve@mitre.org
Broken LinkPatchThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Broken LinkPatchThird Party AdvisoryUS Government Resource
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkPatchThird Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Timeline
No history available yet.