Unrated severityNVD Advisory· Published Mar 3, 2003· Updated Apr 16, 2026
CVE-2003-0095
CVE-2003-0095
Description
Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.
Affected products
10cpe:2.3:a:oracle:database_server:8.0.6:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:database_server:8.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:9.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:9.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:8.1.7:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:oracle8i:8.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle8i:8.1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle9i:9.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:oracle:oracle9i:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:9.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:9.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:9.0.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- otn.oracle.com/deploy/security/pdf/2003alert51.pdfnvdPatchVendor Advisory
- www.cert.org/advisories/CA-2003-05.htmlnvdThird Party AdvisoryUS Government Resource
- www.iss.net/security_center/static/11328.phpnvdVendor Advisory
- www.kb.cert.org/vuls/id/953746nvdUS Government Resource
- marc.infonvd
- www.ciac.org/ciac/bulletins/n-046.shtmlnvd
- www.osvdb.org/6319nvd
- www.securityfocus.com/bid/6849nvd
News mentions
0No linked articles in our index yet.