Description

Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.

Remediation

References

CVE-2003-0095

Related Vulnerabilities

WordPress Plugin Advanced AJAX Product Filters Security Bypass (1.3.6.1)

Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15153)

WebLogic CVE-2023-21839 Vulnerability (CVE-2023-21839)

WordPress Plugin WP eCommerce 'cart_messages[]' Parameter Cross-Site Scripting (3.8.6)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20281)

Severity

Critical

Classification

CVE-2003-0095 CWE-119

Tags

Missing Update Known Vulnerabilities