Lucene search

[email protected]CVE-2003-1573

HistoryJun 01, 2009 - 10:30 p.m.

CVE-2003-1573

2009-06-0122:30:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2003-1573

pointbase

j2ee

remote execution

sql injection

denial of service

sensitive information

inadequate security settings

8.2 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.4%

JSON

The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to “inadequate security settings and library bugs in sun.* and org.apache.* packages.”

Affected configurations

NVD

Node

sunj2eeMatch1.4

CPENameOperatorVersion
sun:j2eesun j2eeeq1.4

CPE	Name	Operator	Version
sun:j2ee	sun j2ee	eq	1.4

References

archives.neohapsis.com/archives/bugtraq/2004-01/0148.html

archives.neohapsis.com/archives/fulldisclosure/2004-01/0675.html

seclists.org/bugtraq/2003/Dec/0249.html

secunia.com/advisories/10460

securitytracker.com/id?1008491

www.securityfocus.com/bid/9230

exchange.xforce.ibmcloud.com/vulnerabilities/14008

exchange.xforce.ibmcloud.com/vulnerabilities/14881

exchange.xforce.ibmcloud.com/vulnerabilities/14882

exchange.xforce.ibmcloud.com/vulnerabilities/14883

8.2 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.4%

JSON

Related for CVE-2003-1573

cvelist1 nvd1