|
|
CVE Reference: CVE-2004-1363 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-1363 |
|
|
Description: Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/18659 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 MISC http://www.ngssoftware.com/advisories/oracle23122004.txt CONFIRM http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf CERT-VN 316206 CERT http://www.us-cert.gov/cas/techalerts/TA04-245A.html BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=110382345829397&w=2 BID 10871 |
|
| Return to the previous page. |
