Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0543

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0543
Last Modified 05 Sep 2008 04:38:42
Published 06 Aug 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0543

Summary

Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries.

Vulnerable Systems

Application

  • Oracle Applications 11.0

  • Oracle E-business Suite 11.5.1

  • Oracle E-business Suite 11.5.2

  • Oracle E-business Suite 11.5.3

  • Oracle E-business Suite 11.5.4

  • Oracle E-business Suite 11.5.5

  • Oracle E-business Suite 11.5.6

  • Oracle E-business Suite 11.5.7

  • Oracle E-business Suite 11.5.8

  • Oracle E-business Suite 11i


References

CERT - TA04-160A

CERT-VN - VU#961579

BID - 10465

XF - oracle-ebusiness-sql-injection(16324)

MISC - http://www.integrigy.com/alerts/OraAppsSQLInjection.htm

CONFIRM - http://otn.oracle.com/deploy/security/pdf/2004alert67.pdf

CIAC - O-153

BUGTRAQ - 20040604 Integrigy Security Alert - Multiple SQL Injection Vulnerabilities in Oracle E-Business Suite


Last Updated: 27 May 2016 10:38:38