CVE-2007-4517

Name of the Vulnerable Software and Affected Versions Oracle 10g R2

Description A buffer overflow issue exists in the XDB.XDB PITRIG PKG.PITRIG DROPMETADATA procedure, allowing remote authenticated users to execute arbitrary code by providing a long OWNER or NAME argument.

Recommendations For Oracle 10g R2, consider restricting access to the XDB.XDB PITRIG PKG.PITRIG DROPMETADATA procedure until a patch is available. As a temporary workaround, limit the length of the OWNER and NAME arguments to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.