2 matches found
CVE-2001-0942
dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLEHOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLEHOME to an alternate directory that contains a malicious version of dbsnmp...
CVE-2001-0941
Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLEHOME environment variable...