Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Oracle数据库服务器MDSYS.SDO_CS软件包远程溢出漏洞
Vulnerability Description
Oracle是一款大型的商用数据库系统。 Oracle捆绑的MDSYS.SDO_CS软件包实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 Oracle数据库服务器捆绑的MDSYS.SDO_CS软件包提供用于系统协作的子程序,该软件包中的TRANSFORM函数存在缓冲区溢出漏洞。如果远程攻击者向该函数提交了恶意请求的话,就可能触发这个溢出,导致拒绝服务或执行任意指令。默认下MDSYS.SDO_CS对PUBLIC开放EXECUTE权限,因此任何Oracle用户都可以触发这个漏洞。
CVSS Information
N/A
Vulnerability Type
N/A