1. CVE-Search
  2. CVE-2003-0634
ID CVE-2003-0634
Summary Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5_.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6_.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7_.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:standard_8.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:standard_8.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:standard_8.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle8i:standard_8.1.7_.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:client_9.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:client_9.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 8267
bugtraq
  • 20030725 Oracle Extproc Buffer Overflow (#NISR25072003)
  • 20030725 question about oracle advisory
cert-vn VU#936868
confirm http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf
ntbugtraq 20030725 Oracle Extproc Buffer Overflow (#NISR25072003)
vulnwatch 20030912 Update to the Oracle EXTPROC advisory
xf oracle-extproc-bo(12721)
Last major update 11-07-2017 - 01:29
Published 27-08-2003 - 04:00
Last modified 11-07-2017 - 01:29
Back to Top