exploits , vulnerabilities , articles , Oracle Database Server MDSYS.SDO

Title	Oracle Database Server MDSYS.SDO_CS Buffer Overflow Vulnerability
Published	2007-10-11-12:00AM
Updated	2007-11-16-08:54PM
Class	Boundary Condition Error
CVE	CVE-2007-5897
Remote	Yes
Local	No
Credit	Esteban Martinez Fayo of Application Security, Inc discovered this issue.
Vulnerable	Oracle Oracle9i Standard Edition 9.2 .6 Oracle Oracle9i Standard Edition 9.2 .3 Oracle Oracle9i Standard Edition 9.2 .2 Oracle Oracle9i Standard Edition 9.2 .2 Oracle Oracle9i Standard Edition 9.2 .1 Oracle Oracle9i Standard Edition 9.2 .1 Oracle Oracle9i Standard Edition 9.2 .0.5 Oracle Oracle9i Standard Edition 9.2 .0.3 Oracle Oracle9i Standard Edition 9.2 .0.2 Oracle Oracle9i Standard Edition 9.2 .0.1 Oracle Oracle9i Standard Edition 9.2 Oracle Oracle9i Standard Edition 9.0.4 Oracle Oracle9i Standard Edition 9.0.2 Oracle Oracle9i Standard Edition 9.0.1 .5 FIPS Oracle Oracle9i Standard Edition 9.0.1 .5 Oracle Oracle9i Standard Edition 9.0.1 .4 Oracle Oracle9i Standard Edition 9.0.1 .3 Oracle Oracle9i Standard Edition 9.0.1 .2 Oracle Oracle9i Standard Edition 9.0.1 Oracle Oracle9i Standard Edition 9.0 .2.4 Oracle Oracle9i Standard Edition 9.0 Oracle Oracle9i Standard Edition 8.1.7 Oracle Oracle9i Personal Edition 9.2 .6 Oracle Oracle9i Personal Edition 9.2 .0.5 Oracle Oracle9i Personal Edition 9.2 .0.3 Oracle Oracle9i Personal Edition 9.2 .0.2 Oracle Oracle9i Personal Edition 9.2 .0.1 Oracle Oracle9i Personal Edition 9.2 Oracle Oracle9i Personal Edition 9.0.4 Oracle Oracle9i Personal Edition 9.0.1 .5 FIPS Oracle Oracle9i Personal Edition 9.0.1 .5 Oracle Oracle9i Personal Edition 9.0.1 .4 Oracle Oracle9i Personal Edition 9.0.1 Oracle Oracle9i Personal Edition 9.0 .2.4 Oracle Oracle9i Personal Edition 8.1.7 Oracle Oracle8i Standard Edition 8.1.7 .4 Oracle Oracle8i Standard Edition 8.1.7 .4 Oracle Oracle8i Standard Edition 8.1.7 .1 Oracle Oracle8i Standard Edition 8.1.7 .0.0 Oracle Oracle8i Standard Edition 8.1.7 Oracle Oracle8i Standard Edition 8.1.6 Oracle Oracle8i Standard Edition 8.1.5 Oracle Oracle8i Standard Edition 8.1 x Oracle Oracle8i Standard Edition 8.0.6 .3 Oracle Oracle8i Standard Edition 8.0.6 Oracle Oracle8i Standard Edition 8.0 x Oracle Oracle8i Enterprise Edition 8.1.7 .4 Oracle Oracle8i Enterprise Edition 8.1.7 .1.0 Oracle Oracle8i Enterprise Edition 8.1.7 .0.0 Oracle Oracle8i Enterprise Edition 8.1.6 .1.0 Oracle Oracle8i Enterprise Edition 8.1.6 .0.0 Oracle Oracle8i Enterprise Edition 8.1.5 .1.0 Oracle Oracle8i Enterprise Edition 8.1.5 .0.2 Oracle Oracle8i Enterprise Edition 8.1.5 .0.0 Oracle Oracle8i Enterprise Edition 8.0.6 .0.1 Oracle Oracle8i Enterprise Edition 8.0.6 .0.0 Oracle Oracle8i Enterprise Edition 8.0.5 .0.0 Oracle Oracle10g Standard Edition 10.2 .3 Oracle Oracle10g Standard Edition 10.2 .2 Oracle Oracle10g Standard Edition 10.2 .1 Oracle Oracle10g Standard Edition 10.1 .4 Oracle Oracle10g Standard Edition 10.1 .0.5 Oracle Oracle10g Standard Edition 10.1 .0.4 Oracle Oracle10g Standard Edition 10.1 .0.3.1 Oracle Oracle10g Standard Edition 10.1 .0.3 Oracle Oracle10g Standard Edition 10.1 .0.2 Oracle Oracle10g Personal Edition 10.1 .4 Oracle Oracle10g Personal Edition 10.1 .0.4 Oracle Oracle10g Personal Edition 10.1 .0.3.1 Oracle Oracle10g Personal Edition 10.1 .0.3 Oracle Oracle10g Personal Edition 10.1 .0.2 Oracle Oracle10g Enterprise Edition 10.1 .5 Oracle Oracle10g Enterprise Edition 10.1 .5 Oracle Oracle10g Enterprise Edition 10.1 .4 Oracle Oracle10g Enterprise Edition 10.1 .0.4 Oracle Oracle10g Enterprise Edition 10.1 .0.3.1 Oracle Oracle10g Enterprise Edition 10.1 .0.3 Oracle Oracle10g Enterprise Edition 10.1 .0.2
Not Vulnerable
Code	Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:content@securitydot.net.
TXT

Vulnerabilities - newest 10 RSS | More

2008-12-01 SystemImager Flamethrower Insecure Temporary File Creation Vulnerabilities
2008-12-01 Rumpus FTP Server Command Argument Remote Buffer Overflow Vulnerability
2008-12-01 Rumpus FTP Server HTTP Command Remote Denial of Service Vulnerability
2008-11-29 Multiple ActiveWebSoftwares Products Login Parameters SQL Injection Vulnerabilities
2008-11-29 Venalsur Booking Centre Multiple Cross-Site Scripting Vulnerabilities
2008-11-28 ReVou Login SQL Injection Vulnerability
2008-11-28 Web Calendar System SQL Injection and Cross Site Scripting Vulnerabilities
2008-11-28 SailPlanner Login SQL Injection Vulnerability
2008-11-28 Livio.net WEB Calendar Cross Site Scripting and Multiple SQL Injection Vulnerabilities
2008-11-28 Subtext Anchor Tags HTML Injection Vulnerability

exploits , vulnerabilities , articles , Oracle Database Server MDSYS.SDO_CS Buffer Overflow Vulnerability