cbcvebase.
CVE-2003-1208
published 2004-12-03

CVE-2003-1208: Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long…

PriorityP434critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
13.19%
95.9th percentile
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.

Affected

17 ranges
VendorProductVersion rangeFixed in
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
oracleoracle9i
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.