Buffer Overflow in Oracle 10g MD2 Package
CVE-2004-1774

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
31 August 2004

Summary

A buffer overflow vulnerability exists in the SDO_CODE_SIZE procedure of the MD2 package in Oracle 10g. This flaw allows local users to potentially execute arbitrary code by exploiting a long LAYER parameter. Users are advised to upgrade to at least version 10.1.0.2 Patch 2 to mitigate the risk posed by this vulnerability.

References

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.