CVE-2003-1208
CVE-2003-1208
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0030.htmlhttp://secunia.com/advisories/10805https://exchange.xforce.ibmcloud.com/vulnerabilities/15060http://www.ciac.org/ciac/bulletins/o-093.shtmlhttp://www.kb.cert.org/vuls/id/240174http://www.kb.cert.org/vuls/id/399806http://www.kb.cert.org/vuls/id/819126http://www.kb.cert.org/vuls/id/846582http://www.nextgenss.com/advisories/ora_from_tz.txthttp://www.nextgenss.com/advisories/ora_numtodsinterval.txthttp://www.nextgenss.com/advisories/ora_numtoyminterval.txthttp://www.nextgenss.com/advisories/ora_time_zone.txt