Description

Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure.

Remediation

References

CVE-2007-5897

Related Vulnerabilities

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-1649)

WordPress Plugin Tera Charts Cross-Site Scripting (1.0)

WordPress Plugin File Manager Unspecified Vulnerability (4.1.4)

Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.21)

MySQL CVE-2016-8283 Vulnerability (CVE-2016-8283)

Severity

High

Classification

CVE-2007-5897 CWE-119

Tags

Missing Update Known Vulnerabilities