Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.
Software | From | Fixed in |
---|---|---|
oracle / application_server | 10.1.0.2 | 10.1.0.2.x |
oracle / oracle10g | enterprise_10.1.0.2 | enterprise_10.1.0.2.x |
oracle / oracle10g | personal_10.1.0.2 | personal_10.1.0.2.x |
oracle / oracle10g | standard_10.1.0.2 | standard_10.1.0.2.x |