[From Oracle Technology Network
Potential security vulnerabilities have been discovered in the EXTPROC
executable of the Oracle Database. A knowledgeable and malicious user can
potentially execute arbitrary code against the Oracle database by exploiting
buffer overflows in this executable.
- Oracle9i Release 2
- Oracle9i Release 1
- Oracle8i (8.1.x - all releases)
Required conditions for exploit
Database authenticated user (i.e., valid login required) with the CREATE
LIBRARY or the CREATE ANY LIBRARY privilege.
The article continues at