CVE-2003-0632

Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL.

Published: Aug 27, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0632
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / e-business_suite	11.3	11.3.x
oracle / e-business_suite	11.1	11.1.x
oracle / applications	10.7	10.7.x
oracle / e-business_suite	11.6	11.6.x
oracle / e-business_suite	11.2	11.2.x
oracle / e-business_suite	11.8	11.8.x
oracle / e-business_suite	11.5	11.5.x
oracle / e-business_suite	11.4	11.4.x
oracle / e-business_suite	11.7	11.7.x
oracle / applications	11.0	11.0.x

http://marc.info/?l=bugtraq&m=105906721920776&w=2
http://otn.oracle.com/deploy/security/pdf/2003alert56.pdf

Vulnerability Database

289,697

CVE-2003-0632