CVE-2003-1208

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle9i
Vendor: CVE Published:; 3 December 2004

Summary

Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15060

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/399806

third-party-advisoryx_refsource_CERT-VN

http://www.osvdb.org/3840

vdb-entryx_refsource_OSVDB

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
May 19, 2005
Vulnerability published
Dec 3, 2004