Description

Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process.

Remediation

References

CVE-2002-0567

Related Vulnerabilities

Sqlite Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19925)

Oracle Application Server CVE-2009-0989 Vulnerability (CVE-2009-0989)

Coppermine Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3722)

MediaWiki URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-10959)

Liferay DXP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-44310)

Severity

High

Classification

CVE-2002-0567

Tags

Missing Update Known Vulnerabilities