Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.
Software | From | Fixed in |
---|---|---|
oracle / oracle9i | enterprise_9.0.1 | enterprise_9.0.1.x |
oracle / oracle9i | enterprise_9.2.0 | enterprise_9.2.0.x |
oracle / oracle9i | enterprise_9.2.0.1 | enterprise_9.2.0.1.x |
oracle / oracle9i | enterprise_9.2.0.2 | enterprise_9.2.0.2.x |
oracle / oracle9i | personal_9.0.1 | personal_9.0.1.x |
oracle / oracle9i | personal_9.2 | personal_9.2.x |
oracle / oracle9i | personal_9.2.0.1 | personal_9.2.0.1.x |
oracle / oracle9i | personal_9.2.0.2 | personal_9.2.0.2.x |
oracle / oracle9i | standard_9.0 | standard_9.0.x |
oracle / oracle9i | standard_9.0.1 | standard_9.0.1.x |
oracle / oracle9i | standard_9.0.1.2 | standard_9.0.1.2.x |
oracle / oracle9i | standard_9.0.1.3 | standard_9.0.1.3.x |
oracle / oracle9i | standard_9.0.1.4 | standard_9.0.1.4.x |
oracle / oracle9i | standard_9.0.2 | standard_9.0.2.x |
oracle / oracle9i | standard_9.2 | standard_9.2.x |
oracle / oracle9i | standard_9.2.0.1 | standard_9.2.0.1.x |
oracle / oracle9i | standard_9.2.0.2 | standard_9.2.0.2.x |