CVE-2003-1208

3 documents3 sources

Severity

10.0CRITICAL

EPSS

8.4%

top 7.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Oracle9i

Timeline

PublishedDec 3

Latest updateApr 29

Description

Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDoracle/oracle9i17 versions+16

Patches

Patch: secunia.com ↗Patch: www.ciac.org ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-q894-gjx6-p8jv: Multiple buffer overflows in Oracle 9i 9 before 9↗2022-04-29

▶

CVEList

CVE-2003-1208: Multiple buffer overflows in Oracle 9i 9 before 9↗2005-05-19

▶