Vulnerabilities > CVE-2002-1264 - Unspecified vulnerability in Oracle Oracle9I

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

oracle

NVD

Published: 2002-11-12

Updated: 2016-10-18

Summary

Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 database server allows remote attackers to execute arbitrary code via a long USERID parameter in the isqlplus URL.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Oracle9I 9.0.1 Oracle Oracle9I 9.0.2 Oracle Oracle9I Release_2_9.2.1 Oracle Oracle9I 9.0 Oracle Oracle9I Release_2_9.2.2 Oracle Oracle9I 9.0.1.3 Oracle Oracle9I 9.0.1.2	7

References

http://www.iss.net/security_center/static/10524.php
http://technet.oracle.com/deploy/security/pdf/2002alert46rev1.pdf
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0060.html
http://www.securityfocus.com/bid/6085
http://www.osvdb.org/4013
http://marc.info/?l=bugtraq&m=103643298712284&w=2