Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Tips Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS Access
SQL Scripts & Samples
» Database Forum
» Slideshows
» Sitemap
Free Newsletters:

By submitting your information, you agree that databasejournal.com may send you databasejournal offers via email, phone and text message, as well as email offers about other products and services that databasejournal believes may be of interest to you. databasejournal will process your information in accordance with the Quinstreet Privacy Policy.

News Via RSS Feed

Database Journal |DBA Support |SQLCourse |SQLCourse2

Featured Database Articles

Database News

Posted Feb 17, 2003

Buffer Overflow in ORACLE.EXE binary of Oracle9i Database Server

By DatabaseJournal.com Staff

[From Oracle Technology Network]

A potential security vulnerability has been discovered in the ORACLE.EXE binary of Oracle9i Database. A knowledgeable and malicious user can potentially execute arbitrary code by exploiting a buffer overflow in this binary.

Note that this exploit can manifest only when using a client application that does not place proper limits on the size of data sent to the server.

Download currently available patches from Oracle Worldwide Support Services web site, Metalink (http://metalink.oracle.com).

Alert #51, Rev 1, 11 Feburary 2003
Patches are available on Metalink.

The article continues at http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf

Database News Archives

Comment and Contribute


(Maximum characters: 1200). You have characters left.



Latest Forum Threads
Database News Forum
Topic By Replies Updated
Efficient SQL Server Indexing by Design lcole 0 April 30th, 12:38 PM
Mine Oracle Database, SQL Server and Other Databases with Monarch Data Pump Pro V10.5 lcole 0 April 30th, 12:37 PM
Oracle Database and Oracle Fusion Middleware for Private Social Network Application lcole 0 April 30th, 12:31 PM
Oracle Database Maintains a Stronghold in the DBMS Market lcole 0 April 30th, 12:30 PM