SQL Injection Vulnerability in Oracle Forms 10g by Oracle
CVE-2005-1178

Currently unrated

Key Information:

Vendor: Oracle
Status: Forms
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-1178?

An SQL injection vulnerability exists in Oracle Forms 10g, which permits remote attackers to execute arbitrary SQL statements through the application’s Query/Where feature. This can lead to unauthorized access to sensitive data and potential manipulation of the underlying database, posing substantial risks to data integrity and the overall security posture of affected systems.

References

http://www.securiteam.com/securitynews/5HP0I0UFFI.html

x_refsource_MISC

http://www.red-database-security.com/wp/sql_injection_for...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/20080

vdb-entryx_refsource_XF

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Apr 19, 2005