Vulnerability in Oracle 8.0.x up to and including 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle database server |
||
oracle database server 8.0 |
||
oracle database server 8.1 |