Oracle.Database.PITRIG_DROPMETADATA.Procedure.Buffer.Overflow
Description
This indicates a buffer overflow vulnerability in Oracle 10g R2.
The vulnerability is caused by failure to check the parameters passed to the XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure. It allows remote attackers to execute arbitrary code by calling this precedure with long arguments.
Affected Products
Oracle Oracle10g Standard Edition 10.2.3
Oracle Oracle10g Standard Edition 10.2.2
Oracle Oracle10g Standard Edition 10.2.1
Oracle Oracle10g Personal Edition 10.2.3
Oracle Oracle10g Personal Edition 10.2.2
Oracle Oracle10g Personal Edition 10.2.1
Oracle Oracle10g Enterprise Edition 10.2.3
Oracle Oracle10g Enterprise Edition 10.2.2
Oracle Oracle10g Enterprise Edition 10.2.1
Impact
System compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are not aware of any official fix for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |