CVE-2003-1208
published 2004-12-03CVE-2003-1208: Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long…
PriorityP434critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
13.19%
95.9th percentile
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
| oracle | oracle9i | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0030.htmlhttp://secunia.com/advisories/10805http://www.ciac.org/ciac/bulletins/o-093.shtmlhttp://www.kb.cert.org/vuls/id/240174http://www.kb.cert.org/vuls/id/399806http://www.kb.cert.org/vuls/id/819126http://www.kb.cert.org/vuls/id/846582http://www.nextgenss.com/advisories/ora_from_tz.txthttp://www.nextgenss.com/advisories/ora_numtodsinterval.txthttp://www.nextgenss.com/advisories/ora_numtoyminterval.txthttp://www.nextgenss.com/advisories/ora_time_zone.txthttp://www.osvdb.org/3837http://www.osvdb.org/3838http://www.osvdb.org/3839http://www.osvdb.org/3840http://www.securityfocus.com/bid/9587https://exchange.xforce.ibmcloud.com/vulnerabilities/15060http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0030.htmlhttp://secunia.com/advisories/10805http://www.ciac.org/ciac/bulletins/o-093.shtmlhttp://www.kb.cert.org/vuls/id/240174http://www.kb.cert.org/vuls/id/399806http://www.kb.cert.org/vuls/id/819126http://www.kb.cert.org/vuls/id/846582http://www.nextgenss.com/advisories/ora_from_tz.txthttp://www.nextgenss.com/advisories/ora_numtodsinterval.txthttp://www.nextgenss.com/advisories/ora_numtoyminterval.txthttp://www.nextgenss.com/advisories/ora_time_zone.txthttp://www.osvdb.org/3837http://www.osvdb.org/3838http://www.osvdb.org/3839http://www.osvdb.org/3840http://www.securityfocus.com/bid/9587https://exchange.xforce.ibmcloud.com/vulnerabilities/15060
2004-12-03
Published