LiveActive security incident?Get immediate response
CVE archive

January 2004

Browse CVE records published in January 2004, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 150 matching CVEs · Page 2 of 3.

Unknown · CVSS Not scored

CVE-2004-1338: The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially pri...

The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the SDO_CMT_DBK_FN_TABLE and SDO_CMT_CBK_DML_TABLE, then performing a DELETE on the SDO_TXN_IDX_INSERTS table, which causes the SDO_CMT_CBK_TRIG trigger to execute the user-supplied functions.

Published Jan 6, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-1312: A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may...

A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues.

Published Jan 6, 2005 · Updated Aug 8, 2024