CVE-2007-5897

Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:database_server:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.1.0.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-11-08 21:46

Updated : 2024-02-04 17:13


NVD link : CVE-2007-5897

Mitre link : CVE-2007-5897

CVE.ORG link : CVE-2007-5897


JSON object : View

Products Affected

oracle

  • database_server
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer