CVE-2003-0634 Information

Description

Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1 and Oracle 8i allows authenticated database users and arbitrary database users in some cases to execute arbitrary code via a long library name.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0105.html http://marc.info/?l=bugtraq&m=105914979629857&w=2 http://marc.info/?l=bugtraq&m=105916455814904&w=2 http://marc.info/?l=ntbugtraq&m=105915485303327&w=2 http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf http://www.kb.cert.org/vuls/id/936868 http://www.securityfocus.com/bid/8267 https://exchange.xforce.ibmcloud.com/vulnerabilities/12721