Oracle 9iAS Apache PL/SQL Module Multiple Buffer Overflows Vulnerability

The Oracle 9iAS web service is powered by the Apache webserver. Included is an Apache module for PL/SQL support.

The Oracle 9iAS PL/SQL module is vulnerable to several buffer overflow conditions. Exploitation of these conditions may allow for attackers to execute arbitrary code remotely.

On Windows based systems, the module is run within the local SYSTEM security context. On Unix systems, the webserver may run with user-level privileges.


 

Privacy Statement
Copyright 2010, SecurityFocus