Buffer Overflow Vulnerability in Oracle Internet Directory Server
CVE-2001-0975

Currently unrated

Key Information:

Vendor: Oracle
Status: Internet Directory
Vendor: CVE Published:; 16 July 2001

What is CVE-2001-0975?

The Oracle Internet Directory Server has encountered buffer overflow vulnerabilities that can be exploited by remote attackers. This security flaw impacts versions 2.1.1.x and 3.0.1 and allows malicious actors to execute arbitrary code possibly resulting in unauthorized access to sensitive systems. The issue has been demonstrated through testing, including the PROTOS LDAPv3 test suite.

References

http://www.cert.org/advisories/CA-2001-18.html

third-party-advisoryx_refsource_CERT

http://otn.oracle.com/deploy/security/pdf/oid_cert_bof.pdf

x_refsource_CONFIRM

http://www.kb.cert.org/vuls/id/869184

third-party-advisoryx_refsource_CERT-VN

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Jan 31, 2002
Vulnerability published
Jul 16, 2001