Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Oracle9i | Oracle | enterprise_9.0.1 | enterprise_9.0.1 |
| Oracle9i | Oracle | enterprise_9.2.0 | enterprise_9.2.0 |
| Oracle9i | Oracle | enterprise_9.2.0.1 | enterprise_9.2.0.1 |
| Oracle9i | Oracle | enterprise_9.2.0.2 | enterprise_9.2.0.2 |
| Oracle9i | Oracle | personal_9.0.1 | personal_9.0.1 |
| Oracle9i | Oracle | personal_9.2 | personal_9.2 |
| Oracle9i | Oracle | personal_9.2.0.1 | personal_9.2.0.1 |
| Oracle9i | Oracle | personal_9.2.0.2 | personal_9.2.0.2 |
| Oracle9i | Oracle | standard_9.0 | standard_9.0 |
| Oracle9i | Oracle | standard_9.0.1 | standard_9.0.1 |
| Oracle9i | Oracle | standard_9.0.1.2 | standard_9.0.1.2 |
| Oracle9i | Oracle | standard_9.0.1.3 | standard_9.0.1.3 |
| Oracle9i | Oracle | standard_9.0.1.4 | standard_9.0.1.4 |
| Oracle9i | Oracle | standard_9.0.2 | standard_9.0.2 |
| Oracle9i | Oracle | standard_9.2 | standard_9.2 |
| Oracle9i | Oracle | standard_9.2.0.1 | standard_9.2.0.1 |
| Oracle9i | Oracle | standard_9.2.0.2 | standard_9.2.0.2 |