Buffer Overflows in EXTPROC of Oracle Database Server

August 8, 2003

[From Oracle Technology Network]

Potential security vulnerabilities have been discovered in the EXTPROC executable of the Oracle Database. A knowledgeable and malicious user can potentially execute arbitrary code against the Oracle database by exploiting buffer overflows in this executable.

Products Affected

  • Oracle9i Release 2
  • Oracle9i Release 1
  • Oracle8i (8.1.x - all releases)

The article continues at http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf