Oracle XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure Exploit

No description provided by source...

Oracle XDB component PITRIG_DROPMETADATA buffer overflow

Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...

Oracle XDB component PITRIG_DROPMETADATA buffer overflow

Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...

Oracle Database Server PITRIG_DROPMETADATA缓冲区溢出漏洞

Oracle Database Server是一款商业性质的数据库服务程序。 Oracle Database 10gR2处理XDB.XDBPITRIGPKG.PITRIGDROPMETADATA过程存在缓冲区溢出，远程攻击者可以利用漏洞以数据库帐户上下文执行任意指令。 XDB.XDBPITRIGPKG.PITRIGDROPMETADATA过程接收两个参数，OWNER和NAME，这些参数长度由内部函数使用，在没有过滤的情况下构建SQL查询，如果组合的两个字段长度过长，可导致缓冲区溢出，以数据库帐户上下文执行任意指令 Oracle Oracle10g Standard Edition 10....

CVE-2007-4517

CVE-2007-4517 affects Oracle Database 10g Release 2, specifically the XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure. A buffer overflow is triggered by a long combined OWNER or NAME parameter, enabling remote authenticated attackers to execute arbitrary code. Exploitation evidence exists in multipl...