exploitDog

CVE-2005-1178

Опубликовано: 02 мая 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature.

Ссылки

http://www.red-database-security.com/wp/sql_injection_forms_us.pdf
Vendor Advisory
http://www.securiteam.com/securitynews/5HP0I0UFFI.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/20080
http://www.red-database-security.com/wp/sql_injection_forms_us.pdf
Vendor Advisory
http://www.securiteam.com/securitynews/5HP0I0UFFI.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/20080

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:oracle:forms:3.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:forms:4.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:forms:5.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:forms:6.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:forms:6i:*:*:*:*:*:*:*

cpe:2.3:a:oracle:forms:9i:*:*:*:*:*:*:*

cpe:2.3:a:oracle:forms:10g:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00487

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-h4wc-w4rm-xv89

github

почти 4 года назад

SQL injection vulnerability in Oracle Forms 10g allows remote attackers to execute arbitrary SQL commands via the Query/Where feature.

EPSS

Процентиль: 65%

0.00487

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other