PT-2009-4434 · Oracle · Oracle Database

Published: 2009-10-22 · Updated: 2018-10-10 · CVE-2009-1979

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Oracle Database versions 10.1.0.5 through 10.2.0.4
Description: The issue affects the confidentiality, integrity, and availability of the system. It is related to the Network Authentication component. Details about real-world incidents where this issue was exploited are not provided. An independent researcher claims that the issue might be related to improper validation of the AUTH_SESSKEY parameter length, potentially leading to arbitrary code execution.
Recommendations: For Oracle Database versions 10.1.0.5 through 10.2.0.4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Related identifiers

CVE-2009-1979

Affected products

Oracle Database