CVE-2007-0270

Name of the Vulnerable Software and Affected Versions Oracle Database versions 9.2.0.7 and 10.1.0.4

Description The issue is related to a buffer overflow in SYS.DBMS DRS, which can be exploited by remote authenticated users. This can lead to a denial of service (crash) or the execution of arbitrary code via the GET PROPERTY function in SYS.DBMS DRS.

Recommendations For Oracle Database version 9.2.0.7, consider disabling the GET PROPERTY function in SYS.DBMS DRS as a temporary workaround until a patch is available. For Oracle Database version 10.1.0.4, consider disabling the GET PROPERTY function in SYS.DBMS DRS as a temporary workaround until a patch is available.