Description

Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing format strings into certain entries in the listener.ora configuration file.

Remediation

References

CVE-2002-0857

Related Vulnerabilities

WordPress 4.4.x Multiple Vulnerabilities (4.4 - 4.4.27)

Dotclear Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-6523)

WordPress Plugin Image Slider Arbitrary File Deletion (1.1.89)

WordPress Plugin Google Pagespeed Insights Cross-Site Scripting (3.0.0)

WordPress Plugin XML Sitemap & Google News feeds Cross-Site Scripting (4.5)

Severity

High

Classification

CVE-2002-0857

Tags

Missing Update Known Vulnerabilities