CVE-2003-0845
Summary
| CVE | CVE-2003-0845 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2003-11-17 05:00:00 UTC |
| Updated | 2020-03-24 14:57:00 UTC |
| Description | Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8. |
Risk And Classification
Problem Types: CWE-89
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Support | REDHAT | www.redhat.com | Third Party Advisory |
| 20031005 JBoss 3.2.1: Remote Command Injection | BUGTRAQ | marc.info | Mailing List, Third Party Advisory |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | Tool Signature |
| JBoss HSQLDB Remote Command Injection Vulnerability | BID | www.securityfocus.com | Patch, Third Party Advisory, VDB Entry, Vendor Advisory |
| 20031006 Update JBoss 308 & 321: Remote Command Injection | BUGTRAQ | marc.info | Mailing List, Third Party Advisory |
| Red Hat update for openoffice.org and hsqldb - Advisories - Secunia | SECUNIA | secunia.com | Not Applicable |
| SourceForge.net: Restricting remote access to hsqldb | CONFIRM | sourceforge.net | Broken Link |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.