Description
Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure.
Remediation
References
Related Vulnerabilities
Internet Information Services Improper Input Validation Vulnerability (CVE-1999-0867)
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9840)
WordPress Plugin Blog social sharing component Cross-Site Scripting (1.4.4)
WordPress Plugin Featurific For WordPress 'snum' Parameter Cross-Site Scripting (1.6.2)
WordPress Plugin ComicPress Manager 'lang' Parameter Cross-Site Scripting (1.4.9.9)