Description

Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file.

Remediation

References

CVE-2002-0857

Related Vulnerabilities

WordPress Plugin Shortlinks by Pretty Links-Best WordPress Link Tracking Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.5.2)

Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-5690)

WordPress Plugin SEO Plugin LiveOptim Multiple Vulnerabilities (1.1.8-free)

Oracle JRE CVE-2013-5800 Vulnerability (CVE-2013-5800)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-35622)

Severity

High

Classification

CVE-2002-0857

Tags

Missing Update Known Vulnerabilities