PT-2004-2280 · Oracle · Oracle 10G

David Litchfield · Published 2004-08-04 · Updated 2024-02-02 · CVE-2004-1363

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Oracle 10g
Description: A buffer overflow issue exists in the extproc component, allowing remote attackers to execute arbitrary code. This is achieved by manipulating environment variables in the library name, which are expanded after the length check is performed.
Recommendations: For Oracle 10g, consider restricting access to the extproc component until a fix is available. As a temporary workaround, avoid using environment variables in library names to minimize the risk of exploitation.
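
The ordering flaw in the description (length check first, expansion second) can be seen in the following added example, which is not Oracle's code and not part of the original advisory. The `$NAME` syntax, the `LIB_MAX` limit, and all function names are assumptions made for illustration; in real use the `lookup` argument would be `getenv`.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#define LIB_MAX 64 /* assumed limit, not Oracle's value */

/* Flawed order described in the advisory: only the unexpanded name is measured. */
int raw_length_ok(const char *name) { return strlen(name) < LIB_MAX; }

/* Constructed sample environment: one variable holding 200 bytes. */
char *sample_env(const char *var) {
    static char big[201];
    memset(big, 'A', 200); /* big[200] stays '\0' (static storage) */
    return strcmp(var, "PT_DEMO_DIR") == 0 ? big : NULL;
}

/* Expand $NAME (assumed syntax) into out, bound-checked on every write; -1 if it does not fit. */
int expand_checked(const char *name, char *out, size_t outsz, char *(*lookup)(const char *)) {
    size_t o = 0;
    if (outsz == 0) return -1;
    while (*name) {
        if (*name == '$' && (isalpha((unsigned char)name[1]) || name[1] == '_')) {
            char var[32];
            size_t v = 0;
            for (name++; isalnum((unsigned char)*name) || *name == '_'; name++) {
                if (v + 1 >= sizeof var) return -1; /* variable name too long */
                var[v++] = *name;
            }
            var[v] = '\0';
            const char *val = lookup(var);
            size_t n = val ? strlen(val) : 0;
            if (n >= outsz - o) return -1; /* expansion would overflow out */
            memcpy(out + o, val ? val : "", n);
            o += n;
        } else {
            if (o + 1 >= outsz) return -1;
            out[o++] = *name++;
        }
    }
    out[o] = '\0';
    return (int)o;
}

int main(void) {
    char out[LIB_MAX];
    const char *name = "$PT_DEMO_DIR/lib.so"; /* constructed input */
    int n = expand_checked(name, out, sizeof out, sample_env);
    printf("raw check: %d, checked expansion: %d\n", raw_length_ok(name), n);
    return 0;
}
```

The 19-byte name passes the pre-expansion check, while the bound enforced during expansion rejects it.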

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2004-1363

Affected Products

Oracle 10G