Buffer Overflow Vulnerability in Oracle 9i and 8i Database Products
CVE-2003-0096

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
3 March 2003

Summary

Multiple buffer overflow vulnerabilities exist within the Oracle Database, particularly affecting versions 9i and 8i. Attackers can exploit these vulnerabilities through crafted inputs to specific database functions, including TO_TIMESTAMP_TZ, TZ_OFFSET, and BFILENAME. By supplying excessively long strings as arguments, malicious users have the potential to execute arbitrary code remotely, compromising the integrity of the database system and possibly the broader network.

References

EPSS Score

46% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.