Buffer Overflow in the XML Database of Oracle9i Database Server

August 20, 2003

[From Oracle Technology Network]

A set of potential buffer overflows has been discovered in the XML Database (XDB) functionality of the Oracle9i Database Release 2. A knowledgeable and malicious user can exploit these buffer overflows to cause a Denial of Service (DoS) attack against and/or capture an active user session of the Oracle9i Database Server.

Products Affected

  • Oracle9i Database Release 2
Oracle9i Database Release 1 and earlier versions are not affected.

The article continues at http://otn.oracle.com/deploy/security/pdf/2003Alert58.pdf