Lucene search

MitreCVE-2003-1573

HistoryJun 01, 2009 - 10:30 p.m.

CVE-2003-1573

2009-06-0122:30:00

CWE-89

mitre

web.nvd.nist.gov

cve-2003-1573

pointbase

j2ee

remote execution

sql injection

denial of service

sensitive information

inadequate security settings

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.2

Confidence

High

EPSS

0.012

Percentile

85.5%

JSON

The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to “inadequate security settings and library bugs in sun.* and org.apache.* packages.”

Affected configurations

Nvd

Node

sunj2eeMatch1.4

VendorProductVersionCPE
sunj2ee1.4cpe:2.3:a:sun:j2ee:1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sun	j2ee	1.4	cpe:2.3:a:sun:j2ee:1.4:::::::*

References

archives.neohapsis.com/archives/bugtraq/2004-01/0148.html

archives.neohapsis.com/archives/fulldisclosure/2004-01/0675.html

seclists.org/bugtraq/2003/Dec/0249.html

secunia.com/advisories/10460

securitytracker.com/id?1008491

www.securityfocus.com/bid/9230

exchange.xforce.ibmcloud.com/vulnerabilities/14008

exchange.xforce.ibmcloud.com/vulnerabilities/14881

exchange.xforce.ibmcloud.com/vulnerabilities/14882

exchange.xforce.ibmcloud.com/vulnerabilities/14883

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.2

Confidence

High

EPSS

0.012

Percentile

85.5%

JSON

Related for CVE-2003-1573