Red Hat Bugzilla – Bug 409891
CVE-2003-0845 JBoss HSQLDB component remote command injection
Last modified: 2013-07-29 03:59:21 EDT
The hsqldb component in jboss is vulnerable when running in the default
configuration, allows remote attackers to conduct unauthorized activities and
possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701
in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8.