Intrusion Prevention



This indicates an attack attempt against a stack-based buffer-overflow vulnerability in Oracle Database Servers.
The vulnerability is caused by insufficient checking of user-supplied data. It may allow remote attackers to execute arbitrary code via an overlong token.

Affected Products

Oracle10g Database Server any version
Oracle9i Database any version


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Oracle has released an alert (#68) and a patch to address these issues.

CVE References

CVE-2002-1264 CVE-2004-1371