Description

dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp.

Remediation

References

CVE-2001-0942

Related Vulnerabilities

Joomla! Core 3.x.x Cross-Site Scripting (3.0.0 - 3.9.15)

WordPress Plugin Mobile Apps by Wiziapp (Native iPhone & Android mobile Apps) Multiple Unspecified Vulnerabilities (4.1.2)

Atlassian Jira CVE-2019-20413 Vulnerability (CVE-2019-20413)

WordPress Plugin Augmented reality Unspecified Vulnerability (1.2.0)

Nginx Improper Certificate Validation Vulnerability (CVE-2009-3555)

Severity

Medium

Classification

CVE-2001-0942

Tags

Missing Update Known Vulnerabilities