Local Privilege Escalation in Oracle Database Products on Unix Systems
CVE-2004-1707
Currently unrated
Summary
The Oracle database products, including versions 8i, 9i, and Oracle IAS 9.0.2.0.1, are susceptible to a local privilege escalation vulnerability due to the default library file search paths utilized by the dbsnmp and nmo programs. Operating with elevated privileges, these programs allow certain Oracle user accounts to potentially execute a modified libclntsh.so.9.0 library file, enabling unauthorized access to root privileges on Unix systems.
References
EPSS Score
20% chance of being exploited in the next 30 days.
Timeline
Vulnerability Reserved
Vulnerability published