Stack-based Buffer Overflow in Oracle Database Server 9i by Oracle
CVE-2003-0222

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
12 May 2003

Badges

👾 Exploit Exists🟣 EPSS 30%

Summary

A stack-based buffer overflow exists in the Oracle Net Services component of Oracle Database Server 9i release 2 and earlier versions. This vulnerability can be exploited by attackers through a specially crafted 'CREATE DATABASE LINK' query that includes a lengthy USING parameter in the connect string, potentially leading to the execution of arbitrary code. Organizations using affected versions should review their security policies and apply necessary patches or updates to mitigate the risk.

References

EPSS Score

30% chance of being exploited in the next 30 days.

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.