Description

Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.

Remediation

References

CVE-2004-1774

Related Vulnerabilities

WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (2.6.7)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4299)

Jenkins Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-1810)

RubyGems Improper Input Validation Vulnerability (CVE-2017-0901)

Magento Deserialization of Untrusted Data Vulnerability (CVE-2020-3716)

Severity

High

Classification

CVE-2004-1774

Tags

Missing Update Known Vulnerabilities