VYPR
Critical severity9.8NVD Advisory· Published Aug 4, 2004· Updated Jun 16, 2026

CVE-2004-1363

CVE-2004-1363

Description

Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

34
  • cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:collaboration_suite:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.1.0.2:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:oracle:database_server:10.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:database_server:8.1.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:database_server:9.0.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:database_server:9.0.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:database_server:9.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:database_server:9.2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:database_server:9.2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:e-business_suite:11.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:e-business_suite:11.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:e-business_suite:11.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:e-business_suite:11.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:e-business_suite:11.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:e-business_suite:11.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:e-business_suite:11.5.8:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:oracle:enterprise_manager:9:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:enterprise_manager:9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_database_control:10.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.2:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.