CVE-2004-0543SQL Injection in Oracle Applications

4 documents4 sources
Severity
10.0CRITICALNVD
EPSS
9.9%
top 6.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle ApplicationsOracle E-business Suite
Timeline
PublishedAug 6
Latest updateApr 29

Description

Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDoracle/e-business_suite9 versions+8

Patches

Patch: www.kb.cert.orgPatch: www.securityfocus.comPatch: www.us-cert.gov

🔴Vulnerability Details

2
GHSA
GHSA-jvrp-gpvq-2crp: Multiple SQL injection vulnerabilities in Oracle Applications 112022-04-29
CVEList
CVE-2004-0543: Multiple SQL injection vulnerabilities in Oracle Applications 112004-06-10

📋Vendor Advisories

1
Red Hat
CVE-2005-1730: Multiple vulnerabilities in the OpenSSL ASN
CVE-2004-0543 — SQL Injection in Oracle Applications | cvebase