Unrated severityNVD Advisory· Published Nov 17, 2003· Updated Apr 16, 2026

CVE-2003-0845

Description

Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8.

Affected products

JBoss/JBoss2 versions
cpe:2.3:a:jboss:jboss:3.0.8:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:jboss:jboss:3.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:jboss:jboss:3.2.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/8773nvdPatchThird Party AdvisoryVDB EntryVendor Advisory
marc.infonvdMailing ListThird Party Advisory
marc.infonvdMailing ListThird Party Advisory
www.redhat.com/support/errata/RHSA-2007-1048.htmlnvdThird Party Advisory
secunia.com/advisories/27914nvdNot Applicable
sourceforge.net/docman/display_doc.phpnvdBroken Link
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11300nvdTool Signature

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.013
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000