Back to CVE Browser

CVE-2003-0095

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0950%

EPSS Percentile7.21th

PublishedMar 3, 2003

Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.

Affected Platforms (CPE)

📦

Oracle

Database Server

= 8.0.6

📦

Oracle

Database Server

= 9.2.1

📦

Oracle

Database Server

= 9.2.2

📦

Oracle

Oracle8i

= 8.1.7

📦

Oracle

Oracle8i

= 8.1.7.1

📦

Oracle

Oracle9i

= 9.0

📦

Oracle

Oracle9i

= 9.0.1

📦

Oracle

Oracle9i

= 9.0.1.2

📦

Oracle

Oracle9i

= 9.0.1.3

📦

Oracle

Oracle9i

= 9.0.2

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=104549693426042&w=2

🔗 http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf

🔗 http://www.cert.org/advisories/CA-2003-05.html

🔗 http://www.ciac.org/ciac/bulletins/n-046.shtml

🔗 http://www.iss.net/security_center/static/11328.php

🔗 http://www.kb.cert.org/vuls/id/953746

🔗 http://www.osvdb.org/6319

🔗 http://www.securityfocus.com/bid/6849

Related Vulnerabilities

CVE-2020-2949310.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthentic...

CVE-2020-677910.0

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 a...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-1999-000310.0

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).