Description
The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0.
Remediation
References
Related Vulnerabilities
Moodle Incorrect Authorization Vulnerability (CVE-2025-26526)
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2025-7458)
WordPress Plugin Contact Form DB Multiple Cross-Site Scripting Vulnerabilities (2.8.15)
WordPress Plugin WP Hotel Booking Remote Code Execution (1.10.2)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-2643)