Description

Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.

Remediation

References

CVE-2004-1365

Related Vulnerabilities

WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Cross-Site Scripting (1.9.18)

Apache Tomcat Improper Encoding or Escaping of Output Vulnerability (CVE-2021-30640)

WordPress Plugin WatchMan-Site7 Cross-Site Request Forgery (3.0.2)

WordPress Plugin Fast Secure Contact Form Remote Code Execution (4.0.44)

WordPress Plugin VideoWhisper Video Conference Integration Arbitrary File Upload (4.91.8)

Severity

Medium

Classification

CVE-2004-1365

Tags

Missing Update Known Vulnerabilities