Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Oracle Forms 4.5 through 10g starts form executables from arbitrary directories and executes them as the Oracle or System user, which allows attackers to execute arbitrary code by uploading a malicious .fmx file and referencing it using an absolute pathname argument in the (1) form or (2) module parameters to f90servlet.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Oracle Forms 执行任意代码漏洞
Vulnerability Description
Oracle Forms是oracle的一个组件。 Oracle Forms 4.5至10g存在执行任意代码漏洞。forms会从任意目录中的可执行文件启动,并以Oracle或System用户身份来执行,攻击者可以通过上传恶意.fmx文件并使用(1)表单中的绝对路径名参数或(2)f90servlet的模块参数执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A