Local Command Execution Vulnerability in Oracle Database Server
CVE-2004-0637
Currently unrated
Summary
The Oracle Database Server versions 8.1.7.4 to 9.2.0.4 contain a vulnerability in the ctxsys.driload package that allows local users to execute commands with elevated privileges. This security flaw arises because the ctxsys.driload package is publicly accessible, which could be exploited to gain unauthorized access to sensitive system functionalities.
References
EPSS Score
24% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved