What is the severity of CVE-2003-0845?

CVE-2003-0845 is considered a critical vulnerability that can allow remote attackers to execute arbitrary code.

How do I fix CVE-2003-0845?

To fix CVE-2003-0845, update JBoss to a version that is not affected or reconfigure the system to limit access to the impacted TCP port.

What versions of JBoss are affected by CVE-2003-0845?

CVE-2003-0845 affects JBoss versions 3.2.1 and 3.0.8 running on Java 1.4.x platforms.

Is CVE-2003-0845 a known issue in previous JBoss releases?

Yes, CVE-2003-0845 is a known vulnerability affecting older versions of JBoss when configured with default settings.

Vulnerability/
CVE-2003-0845

high

7.5

CWE

9/10/2003

8/8/2024

CVE-2003-0845: SQL Injection

First published: Thu Oct 09 2003(Updated: )

Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
JBoss Application Server	=3.2.1
JBoss Application Server	=3.0.8

Remedy

http://www.securityfocus.com/bid/8773

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2003-0845?
CVE-2003-0845 is considered a critical vulnerability that can allow remote attackers to execute arbitrary code.
How do I fix CVE-2003-0845?
To fix CVE-2003-0845, update JBoss to a version that is not affected or reconfigure the system to limit access to the impacted TCP port.
What versions of JBoss are affected by CVE-2003-0845?
CVE-2003-0845 affects JBoss versions 3.2.1 and 3.0.8 running on Java 1.4.x platforms.
What attacks can be performed using CVE-2003-0845?
Attackers can conduct unauthorized activities and possibly execute arbitrary code through specific SQL statements.
Is CVE-2003-0845 a known issue in previous JBoss releases?
Yes, CVE-2003-0845 is a known vulnerability affecting older versions of JBoss when configured with default settings.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/last-modified-date
agent/author
agent/references
agent/severity
agent/weakness
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/jboss
canonical/jboss application server
version/jboss application server/3.2.1
version/jboss application server/3.0.8

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.