CVE-2000-0986 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Oracle Oracle8i

3 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

0.3%

top 47.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Oracle8i

Timeline

PublishedDec 19

Latest updateApr 30

Description

Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDoracle/oracle8i8.1.5

🔴Vulnerability Details

GHSA

GHSA-7c4p-gjx7-mf7v: Buffer overflow in Oracle 8↗2022-04-30

▶

CVEList

CVE-2000-0986: Buffer overflow in Oracle 8↗2000-11-29

▶