Oracle Database Server 8.1.7.4 up to and including 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle oracle9i standard_9.0.1.3 |
||
oracle oracle8i enterprise_8.1.7_.4 |
||
oracle oracle8i standard_8.1.7_.4 |
||
oracle oracle9i enterprise_9.2.0.4 |
||
oracle oracle9i personal_9.2.0.4 |
||
oracle oracle9i standard_9.2.0.4 |