Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Application_server | Oracle | 10.1.0.2 (including) | 10.1.0.2 (including) |
Oracle10g | Oracle | enterprise_10.1.0.2 (including) | enterprise_10.1.0.2 (including) |
Oracle10g | Oracle | personal_10.1.0.2 (including) | personal_10.1.0.2 (including) |
Oracle10g | Oracle | standard_10.1.0.2 (including) | standard_10.1.0.2 (including) |