Unrated severityNVD Advisory· Published Dec 3, 2004· Updated Apr 16, 2026
CVE-2003-1208
CVE-2003-1208
Description
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.
Affected products
17cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:oracle:oracle9i:standard_9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:standard_9.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:standard_9.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:standard_9.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:standard_9.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:standard_9.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:standard_9.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:standard_9.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:enterprise_9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:enterprise_9.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:personal_9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:personal_9.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:personal_9.2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:personal_9.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:oracle9i:standard_9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
17- www.ciac.org/ciac/bulletins/o-093.shtmlnvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/240174nvdPatchThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/399806nvdPatchThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/819126nvdPatchThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/846582nvdPatchThird Party AdvisoryUS Government Resource
- archives.neohapsis.com/archives/vulnwatch/2004-q1/0030.htmlnvdExploitVendor Advisory
- secunia.com/advisories/10805nvdExploitPatch
- www.nextgenss.com/advisories/ora_from_tz.txtnvdExploitPatch
- www.nextgenss.com/advisories/ora_numtodsinterval.txtnvdExploitPatch
- www.nextgenss.com/advisories/ora_numtoyminterval.txtnvdExploitPatch
- www.nextgenss.com/advisories/ora_time_zone.txtnvdExploit
- www.osvdb.org/3837nvdExploitPatchVendor Advisory
- www.osvdb.org/3838nvdExploitPatchVendor Advisory
- www.osvdb.org/3839nvdExploitPatchVendor Advisory
- www.osvdb.org/3840nvdExploitPatchVendor Advisory
- www.securityfocus.com/bid/9587nvdExploitPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/15060nvd
News mentions
0No linked articles in our index yet.