Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2004-1362

The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters.

  • Published: Aug 4, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-1362
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
oracle / oracle10g standard_9.0.4_.0 standard_9.0.4_.0.x
oracle / oracle8i standard_8.1.7_.4 standard_8.1.7_.4.x
oracle / oracle9i standard_9.0.2 standard_9.0.2.x
oracle / oracle9i standard_9.0.1.4 standard_9.0.1.4.x
oracle / collaboration_suite release_1 release_1.x
oracle / application_server 9.0.2.1 9.0.2.1.x
oracle / oracle8i enterprise_8.1.6_.0.0 enterprise_8.1.6_.0.0.x
oracle / oracle9i personal_8.1.7 personal_8.1.7.x
oracle / application_server - -
oracle / oracle9i client_9.2.0.2 client_9.2.0.2.x
oracle / application_server 9.0.2.0.0 9.0.2.0.0.x
oracle / e-business_suite 11.5.5 11.5.5.x
oracle / oracle9i client_9.2.0.1 client_9.2.0.1.x
oracle / enterprise_manager 9.0.1 9.0.1.x
oracle / oracle9i enterprise_9.2.0.5 enterprise_9.2.0.5.x
oracle / oracle9i personal_9.2.0.1 personal_9.2.0.1.x
oracle / oracle9i personal_9.2.0.2 personal_9.2.0.2.x
oracle / oracle9i personal_9.2.0.5 personal_9.2.0.5.x
oracle / oracle8i standard_8.0.6 standard_8.0.6.x
oracle / application_server 9.0.4 9.0.4.x
oracle / e-business_suite 11.5.4 11.5.4.x
oracle / oracle8i enterprise_8.1.5_.1.0 enterprise_8.1.5_.1.0.x
oracle / oracle9i personal_9.0.1.5 personal_9.0.1.5.x
oracle / oracle10g personal_10.1_.0.2 personal_10.1_.0.2.x
oracle / oracle8i standard_8.1.6 standard_8.1.6.x
oracle / oracle9i standard_9.0.1 standard_9.0.1.x
oracle / oracle9i standard_9.2.0.3 standard_9.2.0.3.x
oracle / oracle9i enterprise_9.2.0.2 enterprise_9.2.0.2.x
oracle / oracle9i enterprise_9.2.0.4 enterprise_9.2.0.4.x
oracle / oracle9i enterprise_9.0.1.5 enterprise_9.0.1.5.x
oracle / oracle9i personal_9.2 personal_9.2.x
oracle / oracle9i standard_9.0 standard_9.0.x
oracle / application_server 9.0.2.3 9.0.2.3.x
oracle / e-business_suite 11.5.2 11.5.2.x
oracle / application_server 9.0.4.1 9.0.4.1.x
oracle / e-business_suite 11.5.7 11.5.7.x
oracle / oracle9i standard_9.2.0.1 standard_9.2.0.1.x
oracle / application_server 9.0.2.0.1 9.0.2.0.1.x
oracle / oracle10g personal_9.0.4_.0 personal_9.0.4_.0.x
oracle / oracle9i standard_9.2 standard_9.2.x
oracle / application_server 9.0.4.0 9.0.4.0.x
oracle / e-business_suite 11.5.1 11.5.1.x
oracle / oracle9i enterprise_9.0.1 enterprise_9.0.1.x
oracle / oracle9i standard_9.0.1.2 standard_9.0.1.2.x
oracle / oracle9i standard_9.2.0.4 standard_9.2.0.4.x
oracle / oracle9i enterprise_9.2.0 enterprise_9.2.0.x
oracle / enterprise_manager 9 9.x
oracle / oracle9i standard_9.2.0.5 standard_9.2.0.5.x
oracle / oracle8i standard_8.1.7_.1 standard_8.1.7_.1.x
oracle / oracle8i enterprise_8.1.7_.1.0 enterprise_8.1.7_.1.0.x
oracle / oracle8i enterprise_8.1.5_.0.2 enterprise_8.1.5_.0.2.x
oracle / oracle8i enterprise_8.1.6_.1.0 enterprise_8.1.6_.1.0.x
oracle / oracle9i standard_8.1.7 standard_8.1.7.x
oracle / oracle9i enterprise_8.1.7 enterprise_8.1.7.x
oracle / application_server 9.0.2.2 9.0.2.2.x
oracle / oracle10g standard_10.1_.0.2 standard_10.1_.0.2.x
oracle / application_server 9.0.2 9.0.2.x
oracle / oracle9i personal_9.0.1 personal_9.0.1.x
oracle / oracle8i enterprise_8.1.7_.0.0 enterprise_8.1.7_.0.0.x
oracle / e-business_suite 11.5.8 11.5.8.x
oracle / oracle8i standard_8.0.6_.3 standard_8.0.6_.3.x
oracle / oracle9i standard_9.0.1.3 standard_9.0.1.3.x
oracle / application_server 9.0.3 9.0.3.x
oracle / oracle9i personal_9.2.0.4 personal_9.2.0.4.x
oracle / oracle8i standard_8.1.7_.0.0 standard_8.1.7_.0.0.x
oracle / oracle9i standard_9.2.0.2 standard_9.2.0.2.x
oracle / oracle8i enterprise_8.1.7_.4 enterprise_8.1.7_.4.x
oracle / application_server 9.0.3.1 9.0.3.1.x
oracle / oracle10g enterprise_10.1.0.2 enterprise_10.1.0.2.x
oracle / oracle9i enterprise_9.2.0.3 enterprise_9.2.0.3.x
oracle / enterprise_manager_grid_control 10.1.0.2 10.1.0.2.x
oracle / e-business_suite 11.5.9 11.5.9.x
oracle / enterprise_manager_database_control 10.1.2 10.1.2.x
oracle / oracle9i personal_9.0.1.4 personal_9.0.1.4.x
oracle / oracle10g enterprise_9.0.4_.0 enterprise_9.0.4_.0.x
oracle / oracle9i personal_9.2.0.3 personal_9.2.0.3.x
oracle / oracle8i enterprise_8.0.6_.0.0 enterprise_8.0.6_.0.0.x
oracle / e-business_suite 11.5.6 11.5.6.x
oracle / e-business_suite 11.5.3 11.5.3.x
oracle / oracle8i enterprise_8.1.5_.0.0 enterprise_8.1.5_.0.0.x
oracle / oracle9i enterprise_9.2.0.1 enterprise_9.2.0.1.x
oracle / oracle8i standard_8.1.7 standard_8.1.7.x
oracle / oracle9i standard_9.0.1.5 standard_9.0.1.5.x
oracle / oracle8i enterprise_8.0.6_.0.1 enterprise_8.0.6_.0.1.x
oracle / oracle8i enterprise_8.0.5_.0.0 enterprise_8.0.5_.0.0.x
oracle / oracle8i standard_8.1.5 standard_8.1.5.x
oracle / oracle9i enterprise_9.0.1.4 enterprise_9.0.1.4.x