Buffer Overflow Vulnerability in Oracle 9i Application Server
CVE-2002-0559

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle9i; Application Server Web Cache; Oracle8i; Application Server
Vendor: CVE Published:; 3 July 2002

What is CVE-2002-0559?

The PL/SQL module in Oracle 9i Application Server may be exploited through multiple vectors, including overly long requests and parameters. Attackers can trigger buffer overflows via long help page requests, excessive HTTP input, or lengthy credentials, resulting in potential denial of service or arbitrary code execution. This vulnerability highlights the importance of validating input lengths and securing application components against such exploits.

References

http://www.kb.cert.org/vuls/id/750299

third-party-advisoryx_refsource_CERT-VN

http://www.kb.cert.org/vuls/id/878603

third-party-advisoryx_refsource_CERT-VN

https://exchange.xforce.ibmcloud.com/vulnerabilities/8098

vdb-entryx_refsource_XF

EPSS Score

26% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 3, 2002
Vulnerability Reserved
Jun 7, 2002