Buffer Overflow Vulnerability in Oracle9i Database and Oracle 8i
CVE-2003-0634

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
27 August 2003

Summary

A stack-based buffer overflow exists in the PL/SQL EXTPROC functionality of Oracle9i Database and Oracle 8i. This vulnerability can be exploited by authenticated database users, and potentially arbitrary database users, allowing them to execute arbitrary code by supplying an excessively long library name. This poses a serious risk to data integrity and security, especially in environments where the database is exposed to untrusted users.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.