CVE Vulnerabilities


Published: Aug 27, 2003 | Modified: Jul 11, 2017
CVSS 3.x
CVSS 2.x
7.5 HIGH

Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.

Affected Software

Name Vendor Start Version End Version
Oracle8i Oracle enterprise_8.1.5_.0.0 enterprise_8.1.5_.0.0
Oracle8i Oracle enterprise_8.1.5_.0.2 enterprise_8.1.5_.0.2
Oracle8i Oracle enterprise_8.1.5_.1.0 enterprise_8.1.5_.1.0
Oracle8i Oracle enterprise_8.1.6_.0.0 enterprise_8.1.6_.0.0
Oracle8i Oracle enterprise_8.1.6_.1.0 enterprise_8.1.6_.1.0
Oracle8i Oracle enterprise_8.1.7_.0.0 enterprise_8.1.7_.0.0
Oracle8i Oracle enterprise_8.1.7_.1.0 enterprise_8.1.7_.1.0
Oracle8i Oracle standard_8.1.5 standard_8.1.5
Oracle8i Oracle standard_8.1.6 standard_8.1.6
Oracle8i Oracle standard_8.1.7 standard_8.1.7
Oracle8i Oracle standard_8.1.7_.0.0 standard_8.1.7_.0.0
Oracle8i Oracle standard_8.1.7_.1 standard_8.1.7_.1
Oracle8i Oracle standard_8.1.7_.4 standard_8.1.7_.4
Oracle9i Oracle client_9.2.0.1 client_9.2.0.1
Oracle9i Oracle client_9.2.0.2 client_9.2.0.2
Oracle9i Oracle enterprise_9.0.1 enterprise_9.0.1
Oracle9i Oracle enterprise_9.2.0.1 enterprise_9.2.0.1
Oracle9i Oracle enterprise_9.2.0.2 enterprise_9.2.0.2
Oracle9i Oracle personal_9.0.1 personal_9.0.1
Oracle9i Oracle personal_9.2.0.1 personal_9.2.0.1
Oracle9i Oracle personal_9.2.0.2 personal_9.2.0.2
Oracle9i Oracle standard_9.0 standard_9.0
Oracle9i Oracle standard_9.0.1 standard_9.0.1
Oracle9i Oracle standard_9.0.1.2 standard_9.0.1.2
Oracle9i Oracle standard_9.0.1.3 standard_9.0.1.3
Oracle9i Oracle standard_9.0.1.4 standard_9.0.1.4
Oracle9i Oracle standard_9.0.2 standard_9.0.2
Oracle9i Oracle standard_9.2.0.1 standard_9.2.0.1
Oracle9i Oracle standard_9.2.0.2 standard_9.2.0.2