CVE-2003-0222

Currently unrated

Key Information:

Vendor
Oracle
Status
Database Server
Oracle8i
Oracle9i
Vendor
CVE Published:
12 May 2003

Badges

πŸ‘Ύ Exploit Exists

Summary

Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.

References

http://marc.info/?l=bugtraq&m=105162831008176&w=2
mailing-listx_refsource_BUGTRAQ
http://www.ciac.org/ciac/bulletins/n-085.shtml
third-party-advisorygovernment-resourcex_refsource_CIAC
https://exchange.xforce.ibmcloud.com/vulnerabilities/11885
vdb-entryx_refsource_XF

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.