PT-2003-1823 · Oracle · Oracle 9I Database

Published

2003-09-03

Updated

2017-09-28

CVE-2003-0727

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Oracle 9i Database Release 2

Description: The issue is related to multiple buffer overflows in the XML Database (XDB) functionality, which can be exploited by local users to cause a denial of service or hijack user sessions.

Recommendations: For Oracle 9i Database Release 2, consider restricting access to the XDB functionality until a patch is available. As a temporary workaround, limiting the privileges of local users may help minimize the risk of session hijacking.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0727

Affected Products

Oracle 9I Database

PT-2003-1823 · Oracle · Oracle 9I Database

CVE-2003-0727

Related Identifiers

Affected Products

References · 11