Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1767Improper Restriction of Operations within the Bounds of a Memory Buffer in Oracle Database Server

4 documents4 sources
Severity
7.2HIGHNVD
EPSS
4.0%
top 11.48%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle Database Server
Timeline
PublishedDec 31
Latest updateApr 30

Description

Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execute arbitrary code as the oracle user via a long command line argument.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-9pcm-7prc-jqw3: Buffer overflow in tnslsnr of Oracle 8i Database Server 82022-04-30
CVEList
CVE-2002-1767: Buffer overflow in tnslsnr of Oracle 8i Database Server 82005-06-21

💥Exploits & PoCs

1
Exploit-DB
Oracle 8i - TNS Listener Local Command Parameter Buffer Overflow2002-04-01
CVE-2002-1767 — Oracle Database Server vulnerability | cvebase