Buffer Overflow Vulnerability in Oracle Database XML Database Component
CVE-2006-0272

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
18 January 2006

Summary

A vulnerability exists in the XML Database component of Oracle Database that potentially allows for a buffer overflow through improper handling of arguments in specific database procedures, namely DBMS_XMLSCHEMA and DBMS_XMLSCHEMA_INT. This issue can be exploited via maliciously crafted long arguments in calls to XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS, which can lead to unexpected behavior or system compromise. Organizations using affected versions should implement security measures and updates to mitigate the risk.

References

EPSS Score

39% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.