Buffer Overflow Vulnerability in Oracle Database Server Products
CVE-2003-0095

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle9i; Database Server; Oracle8i
Vendor: CVE Published:; 3 March 2003

Summary

A buffer overflow vulnerability exists in Oracle Database Server that affects several versions, allowing remote attackers to execute arbitrary code. This occurs when a long username is provided during the login process, particularly through client applications that implement their own authentication. By exploiting this vulnerability, attackers could compromise the integrity and security of affected database servers.

References

http://www.cert.org/advisories/CA-2003-05.html

third-party-advisoryx_refsource_CERT

http://www.ciac.org/ciac/bulletins/n-046.shtml

third-party-advisorygovernment-resourcex_refsource_CIAC

http://www.securityfocus.com/bid/6849

vdb-entryx_refsource_BID

EPSS Score

43% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 3, 2003
Vulnerability Reserved
Feb 18, 2003