CVE-2003-0096

Published Mar 3, 2003

Last updated 8 years ago

Overview

Description: Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:database_server:8.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C84852A-1153-46A7-9B82-D05F4A6043D9"
          },
          {
            "criteria": "cpe:2.3:a:oracle:database_server:9.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43116210-05B8-4241-9EC3-7697014A69A8"
          },
          {
            "criteria": "cpe:2.3:a:oracle:database_server:9.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA359418-31C5-4FCA-AA93-83AF15D3199A"
          },
          {
            "criteria": "cpe:2.3:a:oracle:oracle8i:8.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E0E5C6A-FFEA-4855-AE5D-65806B6AFA59"
          },
          {
            "criteria": "cpe:2.3:a:oracle:oracle8i:8.1.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2607015-B358-4963-968C-777E2AE9650D"
          },
          {
            "criteria": "cpe:2.3:a:oracle:oracle9i:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C2720EA-55FB-40B1-BE58-3E16628DA248"
          },
          {
            "criteria": "cpe:2.3:a:oracle:oracle9i:9.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9BB176D-7A94-4A91-89FC-9971E19FF7C6"
          },
          {
            "criteria": "cpe:2.3:a:oracle:oracle9i:9.0.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F012561-EA9E-4665-AD81-0AC7655BA22A"
          },
          {
            "criteria": "cpe:2.3:a:oracle:oracle9i:9.0.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEF5BE7D-BB10-43E5-8910-626CB6032D64"
          },
          {
            "criteria": "cpe:2.3:a:oracle:oracle9i:9.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "330BE6F7-144F-4188-84A4-6597AED71024"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References