Stack-based Buffer Overflow in Oracle Database Server 9i by Oracle
CVE-2003-0222
Currently unrated
Summary
A stack-based buffer overflow exists in the Oracle Net Services component of Oracle Database Server 9i release 2 and earlier versions. This vulnerability can be exploited by attackers through a specially crafted 'CREATE DATABASE LINK' query that includes a lengthy USING parameter in the connect string, potentially leading to the execution of arbitrary code. Organizations using affected versions should review their security policies and apply necessary patches or updates to mitigate the risk.
References
EPSS Score
30% chance of being exploited in the next 30 days.
Timeline
- 🟡
Public PoC available
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved