Описание
Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function.
Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-0096
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0073.html
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0075.html
- http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0083.html
- http://marc.info/?l=bugtraq&m=104549743326864&w=2
- http://marc.info/?l=bugtraq&m=104549782327321&w=2
- http://marc.info/?l=bugtraq&m=104550346303295&w=2
- http://otn.oracle.com/deploy/security/pdf/2003alert48.pdf
- http://otn.oracle.com/deploy/security/pdf/2003alert49.pdf
- http://otn.oracle.com/deploy/security/pdf/2003alert50.pdf
- http://www.cert.org/advisories/CA-2003-05.html
- http://www.ciac.org/ciac/bulletins/n-046.shtml
- http://www.iss.net/security_center/static/11325.php
- http://www.iss.net/security_center/static/11326.php
- http://www.iss.net/security_center/static/11327.php
- http://www.kb.cert.org/vuls/id/663786
- http://www.kb.cert.org/vuls/id/743954
- http://www.kb.cert.org/vuls/id/840666
- http://www.nextgenss.com/advisories/ora-bfilebo.txt
- http://www.nextgenss.com/advisories/ora-tmstmpbo.txt
- http://www.nextgenss.com/advisories/ora-tzofstbo.txt
- http://www.securityfocus.com/bid/6847
- http://www.securityfocus.com/bid/6848
- http://www.securityfocus.com/bid/6850
Связанные уязвимости
Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function.