Description

ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.

Remediation

References

CVE-2004-1368

Related Vulnerabilities

Chamilo Deserialization of Untrusted Data Vulnerability (CVE-2025-52998)

ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4390)

WordPress Plugin UserPro-Community and User Profile Security Bypass (4.9.17)

Oracle Database Server CVE-2015-4888 Vulnerability (CVE-2015-4888)

WordPress Plugin Max Mega Menu Cross-Site Scripting (2.3.8)

Severity

High

Classification

CVE-2004-1368

Tags

Missing Update Known Vulnerabilities