CVE-2004-0543

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries.

Múltiples vulnerabilidades de inyección de SQL en Oracle Applications 11.0 y Oracle E-Business Suite 11.5.1 a 11.5.8 permite a atacantes remotos ejecutar procedimientos y consultas SQL de su elección.

*Credits: N/A

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2004-06-08 CVE Reserved
2004-06-10 CVE Published
2023-03-07 EPSS Updated
2024-08-08 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
http://archives.neohapsis.com/archives/vulnwatch/2004-q2/0032.html	Mailing List
http://marc.info/?l=bugtraq&m=108638417302229&w=2	Mailing List
http://otn.oracle.com/deploy/security/pdf/2004alert67.pdf	X_refsource_confirm
http://www.ciac.org/ciac/bulletins/o-153.shtml	Government Resource
http://www.integrigy.com/alerts/OraAppsSQLInjection.htm	X_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/16324	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://www.kb.cert.org/vuls/id/961579	2017-07-11
http://www.securityfocus.com/bid/10465	2017-07-11
http://www.us-cert.gov/cas/techalerts/TA04-160A.html	2017-07-11

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Oracle Search vendor "Oracle"		Applications Search vendor "Oracle" for product "Applications"				11.0 Search vendor "Oracle" for product "Applications" and version "11.0"		-		Affected
Oracle Search vendor "Oracle"		E-business Suite Search vendor "Oracle" for product "E-business Suite"				11.5.1 Search vendor "Oracle" for product "E-business Suite" and version "11.5.1"		-		Affected
Oracle Search vendor "Oracle"		E-business Suite Search vendor "Oracle" for product "E-business Suite"				11.5.2 Search vendor "Oracle" for product "E-business Suite" and version "11.5.2"		-		Affected
Oracle Search vendor "Oracle"		E-business Suite Search vendor "Oracle" for product "E-business Suite"				11.5.3 Search vendor "Oracle" for product "E-business Suite" and version "11.5.3"		-		Affected
Oracle Search vendor "Oracle"		E-business Suite Search vendor "Oracle" for product "E-business Suite"				11.5.4 Search vendor "Oracle" for product "E-business Suite" and version "11.5.4"		-		Affected
Oracle Search vendor "Oracle"		E-business Suite Search vendor "Oracle" for product "E-business Suite"				11.5.5 Search vendor "Oracle" for product "E-business Suite" and version "11.5.5"		-		Affected
Oracle Search vendor "Oracle"		E-business Suite Search vendor "Oracle" for product "E-business Suite"				11.5.6 Search vendor "Oracle" for product "E-business Suite" and version "11.5.6"		-		Affected
Oracle Search vendor "Oracle"		E-business Suite Search vendor "Oracle" for product "E-business Suite"				11.5.7 Search vendor "Oracle" for product "E-business Suite" and version "11.5.7"		-		Affected
Oracle Search vendor "Oracle"		E-business Suite Search vendor "Oracle" for product "E-business Suite"				11.5.8 Search vendor "Oracle" for product "E-business Suite" and version "11.5.8"		-		Affected
Oracle Search vendor "Oracle"		E-business Suite Search vendor "Oracle" for product "E-business Suite"				11i Search vendor "Oracle" for product "E-business Suite" and version "11i"		-		Affected