2 matches found
CVE-2001-0942
The CVE concerns Oracle 8.1.6 and 8.1.7 where dbsnmp uses the ORACLE_HOME environment variable to locate and execute the dbsnmp program. A local user can point ORACLE_HOME to an attacker-controlled directory that contains a malicious dbsnmp, enabling arbitrary code execution with local privileges...
CVE-2001-0942
dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLEHOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLEHOME to an alternate directory that contains a malicious version of dbsnmp...