Buffer Overflow in ORACLE.EXE binary of Oracle9i Database Server

Monday Feb 17th 2003 by DatabaseJournal.com Staff
Share:

A potential security vulnerability has been discovered in the ORACLE.EXE binary of Oracle9i Database.

[From Oracle Technology Network]

A potential security vulnerability has been discovered in the ORACLE.EXE binary of Oracle9i Database. A knowledgeable and malicious user can potentially execute arbitrary code by exploiting a buffer overflow in this binary.

Note that this exploit can manifest only when using a client application that does not place proper limits on the size of data sent to the server.

Download currently available patches from Oracle Worldwide Support Services web site, Metalink (http://metalink.oracle.com).

Alert #51, Rev 1, 11 Feburary 2003
Patches are available on Metalink.

The article continues at http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved