Buffer Overflow in Oracle Binary

October 22, 2003

[From Oracle Technology Network]

A potential security vulnerability has been discovered in the "oracle" and "oracleO" (the letter O) binaries in the Oracle Database Server. This buffer overflow may allow a malicious local user to run code of their choice on the server machine.

Products Affected
Oracle 9i Database Release 2, Version 9.2.x
Oracle 9i Database Release 1, Version 9.0.x
Oracle 8i Database Release 8.1.x

Platforms Affected
All supported UNIX and Linux operating system variants.

The article continues at http://otn.oracle.com/deploy/security/pdf/2003Alert59.pdf