Unrated severityNVD Advisory· Published Mar 3, 2003· Updated Apr 16, 2026
CVE-2003-0096
CVE-2003-0096
Description
Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function.
Affected products
10cpe:2.3:a:oracle:database_server:9.2.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:oracle:database_server:9.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:9.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:8.1.7:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:oracle:oracle8i:8.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle8i:8.1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle9i:9.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:oracle:oracle9i:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:9.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:9.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:9.0.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
23- www.iss.net/security_center/static/11327.phpnvdVendor Advisory
- www.kb.cert.org/vuls/id/840666nvdThird Party AdvisoryUS Government Resource
- www.cert.org/advisories/CA-2003-05.htmlnvdUS Government Resource
- www.kb.cert.org/vuls/id/663786nvdUS Government Resource
- www.kb.cert.org/vuls/id/743954nvdUS Government Resource
- archives.neohapsis.com/archives/vulnwatch/2003-q1/0073.htmlnvd
- archives.neohapsis.com/archives/vulnwatch/2003-q1/0075.htmlnvd
- archives.neohapsis.com/archives/vulnwatch/2003-q1/0083.htmlnvd
- marc.infonvd
- marc.infonvd
- marc.infonvd
- otn.oracle.com/deploy/security/pdf/2003alert48.pdfnvd
- otn.oracle.com/deploy/security/pdf/2003alert49.pdfnvd
- otn.oracle.com/deploy/security/pdf/2003alert50.pdfnvd
- www.ciac.org/ciac/bulletins/n-046.shtmlnvd
- www.iss.net/security_center/static/11325.phpnvd
- www.iss.net/security_center/static/11326.phpnvd
- www.nextgenss.com/advisories/ora-bfilebo.txtnvd
- www.nextgenss.com/advisories/ora-tmstmpbo.txtnvd
- www.nextgenss.com/advisories/ora-tzofstbo.txtnvd
- www.securityfocus.com/bid/6847nvd
- www.securityfocus.com/bid/6848nvd
- www.securityfocus.com/bid/6850nvd
News mentions
0No linked articles in our index yet.