CVE-2007-2116

Name of the Vulnerable Software and Affected Versions Oracle Database versions 9.0.1.5 and later, 9.2.0.7, 10.1.0.5

Description The issue concerns an unspecified vulnerability in the Advanced Replication component. It is claimed to be related to buffer overflows in the kkzi.o file for the SYS.DBMS SNAP INTERNAL package, specifically using the SNAP OWNER or SNAP NAME parameters. However, Oracle has not confirmed this as of the specified date.

Recommendations For Oracle Database versions 9.0.1.5 and later, 9.2.0.7, 10.1.0.5, consider restricting access to the SYS.DBMS SNAP INTERNAL package to minimize the risk of exploitation. As a temporary workaround, avoid using the SNAP OWNER and SNAP NAME parameters in the affected package until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.