Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument.
2004-12-31T05:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 8.5 (HIGH)
AV:N/AC:M/Au:S/C:C/I:C/A:C
6.8
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | oracle | oracle8i | enterprise_8.1.7.4 | Yes |
| Application | oracle | oracle8i | standard_8.1.7.4 | Yes |
| Application | oracle | oracle9i | enterprise_9.0.1.4 | Yes |
| Application | oracle | oracle9i | enterprise_9.0.1.5 | Yes |
| Application | oracle | oracle9i | enterprise_9.2.0.3 | Yes |
| Application | oracle | oracle9i | enterprise_9.2.0.4 | Yes |
| Application | oracle | oracle9i | personal_9.0.1.4 | Yes |
| Application | oracle | oracle9i | personal_9.0.1.5 | Yes |
| Application | oracle | oracle9i | personal_9.2.0.3 | Yes |
| Application | oracle | oracle9i | personal_9.2.0.4 | Yes |
| Application | oracle | oracle9i | standard_9.0.1.4 | Yes |
| Application | oracle | oracle9i | standard_9.0.1.5 | Yes |
| Application | oracle | oracle9i | standard_9.2.0.3 | Yes |
| Application | oracle | oracle9i | standard_9.2.0.4 | Yes |