Oracle : Security Vulnerabilities, CVEs, Published In December 2004 (Code Execution)
Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument.
Max CVSS
8.5
EPSS Score
0.86%
Published
2004-12-31
Updated
2017-07-11
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.
Max CVSS
10.0
EPSS Score
0.58%
Published
2004-12-03
Updated
2017-07-11
2 vulnerabilities found