Buffer Overflow in Oracle 10g extproc Allows Remote Code Execution via Environment Variables

Buffer Overflow in Oracle 10g extproc Allows Remote Code Execution via Environment Variables

CVE-2004-1363 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.

Learn more about our Web Application Penetration Testing UK.