Oracle Database Server 8.1.7.4 up to and including 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle oracle8i standard 8.1.7 .4 |
||
oracle oracle9i enterprise 9.2.0.4 |
||
oracle oracle9i standard 9.2.0.4 |
||
oracle oracle9i standard 9.0.1.3 |
||
oracle oracle9i personal 9.2.0.4 |
||
oracle oracle8i enterprise 8.1.7 .4 |