Buffer Overflow in Oracle 10g MD2 Package
CVE-2004-1774
Currently unrated
Summary
A buffer overflow vulnerability exists in the SDO_CODE_SIZE procedure of the MD2 package in Oracle 10g. This flaw allows local users to potentially execute arbitrary code by exploiting a long LAYER parameter. Users are advised to upgrade to at least version 10.1.0.2 Patch 2 to mitigate the risk posed by this vulnerability.
References
EPSS Score
14% chance of being exploited in the next 30 days.
Timeline
Vulnerability Reserved
Vulnerability published