Buffer Overflow Vulnerability in Oracle Database Server by Oracle
CVE-2004-0638

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle8i; Oracle9i
Vendor: CVE Published:; 31 December 2004

Summary

A buffer overflow vulnerability exists in the KSDWRTB function of the dbms_system package within the Oracle Database Server. This flaw enables remote authorized users to exploit the vulnerability by providing a lengthy second argument, leading to the potential execution of arbitrary code. The versions affected include various releases of Oracle 9i and Oracle 8i, which raises significant security concerns for organizations utilizing these databases.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17254

vdb-entryx_refsource_XF

http://www.oracle.com/technology/deploy/security/pdf/2004...

x_refsource_CONFIRM

http://www.idefense.com/application/poi/display?id=135&ty...

third-party-advisoryx_refsource_IDEFENSE

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 31, 2004
Vulnerability Reserved
Jul 7, 2004