Description

Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter.

Remediation

References

CVE-2002-0947

Related Vulnerabilities

MediaWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2017-8809)

MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2023-45364)

MySQL CVE-2017-3649 Vulnerability (CVE-2017-3649)

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29519)

Joomla! Core 3.9.x CSV Injection (3.9.0 - 3.9.6)

Severity

High

Classification

CVE-2002-0947

Tags

Missing Update Known Vulnerabilities