Local Privilege Escalation in Oracle Database Products on Unix Systems
CVE-2004-1707

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
30 July 2004

Summary

The Oracle database products, including versions 8i, 9i, and Oracle IAS 9.0.2.0.1, are susceptible to a local privilege escalation vulnerability due to the default library file search paths utilized by the dbsnmp and nmo programs. Operating with elevated privileges, these programs allow certain Oracle user accounts to potentially execute a modified libclntsh.so.9.0 library file, enabling unauthorized access to root privileges on Unix systems.

References

EPSS Score

20% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.