BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

Oracle 10/11g exp.exe – param file Local Buffer Overflow

Disclosed February 15, 2011    Fully Patched

Vulnerability Description:

Oracle Database is susceptible to a local buffer overflow vulnerability. Successful exploitation would yield arbitrary code execution under the context of the Oracle database.

Vendors:

Oracle

Vulnerable Software/Devices:

Oracle Database 10.x, and prior to 11g Release 2 11.2.0.3

Vulnerability Severity:

Medium

Exploit Availability:

N/A

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 15809 - Oracle Critical Patch Update (CPU-JAN-2012) - Windows
  • 15810 - Oracle Critical Patch Update (CPU-JAN-2012) - UNIX/Linux

Mitigation:

No mitigation has been provided.

Links:

CVE(s):

None

Leave a Reply