CVEブラウザに戻る

CVE-2003-0095

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0950%

EPSS Percentile7.21th

Published2003年3月3日

Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.

Affected Platforms (CPE)

📦

Oracle

Database Server

= 8.0.6

📦

Oracle

Database Server

= 9.2.1

📦

Oracle

Database Server

= 9.2.2

📦

Oracle

Oracle8i

= 8.1.7

📦

Oracle

Oracle8i

= 8.1.7.1

📦

Oracle

Oracle9i

= 9.0

📦

Oracle

Oracle9i

= 9.0.1

📦

Oracle

Oracle9i

= 9.0.1.2

📦

Oracle

Oracle9i

= 9.0.1.3

📦

Oracle

Oracle9i

= 9.0.2

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=104549693426042&w=2

🔗 http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf

🔗 http://www.cert.org/advisories/CA-2003-05.html

🔗 http://www.ciac.org/ciac/bulletins/n-046.shtml

🔗 http://www.iss.net/security_center/static/11328.php

🔗 http://www.kb.cert.org/vuls/id/953746

🔗 http://www.osvdb.org/6319

🔗 http://www.securityfocus.com/bid/6849

関連する脆弱性情報

CVE-2020-2949310.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthentic...

CVE-2020-677910.0

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 a...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-1999-000310.0

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).