Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.
| CVE ID | Name | Status | References |
|---|---|---|---|
| CVE-2003-0222 | Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter. |
Assigned (20030429) | BID:7453 | URL:http://www.securityfocus.com/bid/7453 | BUGTRAQ:20030429 Oracle Database Server Buffer Overflow Vulnerability (#NISR29042003) | URL:http://marc.info/?l=bugtraq&m=105162831008176&w=2 | CIAC:N-085 | URL:http://www.ciac.org/ciac/bulletins/n-085.shtml | CONFIRM:http://otn.oracle.com/deploy/security/pdf/2003alert54.pdf | NTBUGTRAQ:20030429 Oracle Database Server Buffer Overflow Vulnerability (#NISR29042003) | URL:http://marc.info/?l=ntbugtraq&m=105163376015735&w=2 | XF:oracle-database-link-bo(11885) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/11885 |
Page created: