The Oracle Spatial (formerly SDO) component of Oracle Database provides a set of functions which process multi-dimensional data.
A buffer overflow in the Oracle Spatial component allows an attacker with EXECUTE privileges on the SDO_CS.TRANSFORM_LAYER function to execute arbitrary commands.
Apply the patch referenced in the October 2006 Oracle Critical Patch Update.
Exploit works on Oracle Database 10.1.0.2 and 18.104.22.168.
Exploit requires the login and password of a database user with privileges to create functions. The default "scott" user has sufficient privileges, but is disabled by default in Oracle Database 10g.
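To gauge exposure until the patch is applied, the query below (an added example, not part of the original advisory) lists open accounts that meet both preconditions described above. It assumes the SDO_CS package is owned by the MDSYS schema and that the auditor can read the DBA_* dictionary views.

```sql
-- Added audit example; not from the advisory.
-- Precondition 1: EXECUTE on the SDO_CS package (direct, via a role, or via PUBLIC).
-- Precondition 2: right to create functions (CREATE [ANY] PROCEDURE system privilege).
-- Assumption: SDO_CS lives in the MDSYS schema.
WITH holders AS (
    -- each account paired with itself, with PUBLIC, and with every role it
    -- holds, including roles granted to roles
    SELECT username AS account, username AS holder FROM dba_users
    UNION ALL
    SELECT username, 'PUBLIC' FROM dba_users
    UNION ALL
    SELECT CONNECT_BY_ROOT grantee, granted_role
    FROM   dba_role_privs
    CONNECT BY PRIOR granted_role = grantee
),
can_execute AS (
    SELECT h.account
    FROM   holders h
    JOIN   dba_tab_privs tp ON tp.grantee = h.holder
    WHERE  tp.owner = 'MDSYS'
    AND    tp.table_name = 'SDO_CS'
    AND    tp.privilege = 'EXECUTE'
    UNION
    -- EXECUTE ANY PROCEDURE also covers packages in other schemas
    SELECT h.account
    FROM   holders h
    JOIN   dba_sys_privs sp ON sp.grantee = h.holder
    WHERE  sp.privilege = 'EXECUTE ANY PROCEDURE'
),
can_create AS (
    SELECT DISTINCT h.account
    FROM   holders h
    JOIN   dba_sys_privs sp ON sp.grantee = h.holder
    WHERE  sp.privilege IN ('CREATE PROCEDURE', 'CREATE ANY PROCEDURE')
)
SELECT u.username, u.account_status
FROM   dba_users u
JOIN   can_execute e ON e.account = u.username
JOIN   can_create  c ON c.account = u.username
WHERE  u.account_status = 'OPEN'   -- locked or expired accounts cannot log in
ORDER  BY u.username;
```

Any row returned is an account to review: revoke the privilege it does not need, or lock the account if it is unused.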