CVE-2004-1339

2005-01-0605:00:00

mitre

www.cve.org

AI Score

7.9

Confidence

Low

EPSS

0.001

Percentile

36.5%

JSON

SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters.

References

marc.info/?l=bugtraq&m=110382230614420&w=2

www.ngssoftware.com/advisories/oracle23122004I.txt

exchange.xforce.ibmcloud.com/vulnerabilities/18655