CVE-2001-0833

Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."

Published: Dec 6, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0833
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / database_server	-	9.0.1.x
oracle / database_server	8.0	8.0.x
oracle / database_server	8.1	8.1.x

http://marc.info/?l=bugtraq&m=100386756715645&w=2
http://online.securityfocus.com/archive/1/201295
http://online.securityfocus.com/archive/1/222612
http://otn.oracle.com/deploy/security/pdf/otrcrep.pdf
http://www.ciac.org/ciac/bulletins/m-011.shtml
http://www.securityfocus.com/bid/3139
https://exchange.xforce.ibmcloud.com/vulnerabilities/6940

Vulnerability Database

289,689

CVE-2001-0833