Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0894

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2003-0894
Last Modified 10 Sep 2008 03:20:53
Published 17 Nov 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0894

Summary

Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x before 9.2.0.4 allows local users to execute arbitrary code via a long command line argument.

Vulnerable Systems

Application

  • Oracle9i Enterprise 9.0.1

  • Oracle9i Enterprise 9.2.0.4

  • Oracle9i Personal 9.0.1

  • Oracle9i Personal 9.2.0.4

  • Oracle9i Standard 9.0

  • Oracle9i Standard 9.0.1

  • Oracle9i Standard 9.0.1.2

  • Oracle9i Standard 9.0.1.3

  • Oracle9i Standard 9.0.1.4

  • Oracle9i Standard 9.0.2

  • Oracle9i Standard 9.2.0.4


References

CERT-VN - VU#496340

XF - oracle-oracleo-binaries-bo(13451)

BID - 8845

BID - 8844

SECTRACK - 1007956

CONFIRM - http://otn.oracle.com/deploy/security/pdf/2003alert59.pdf


Last Updated: 27 May 2016 10:38:05