Description
Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.
Product(s):
- Oracle Database Server
- Oracle Database Server Enterprise Edition
- Oracle Database Server 1.0.2.2
- Oracle Database Server 1.0.2.2 Release 1
- Oracle Database Server 10g 10.1.0.2
- Oracle Database Server 10g 10.1.0.3.1
- Oracle Database Server 10g 10.1.0.3
- Oracle Database Server 10g 10.1.0.3 Release 1
- Oracle Database Server 10g 10.1.0.4.2
- Oracle Database Server 10g 10.1.0.4.2 Release 1
- Oracle Database Server 10g 10.1.0.4
- Oracle Database Server 10g 10.1.0.4 Release 1
- Oracle Database Server 10g 10.1.0.5
- Oracle Database Server 10g 10.1.0.5 Release 1
- Oracle Database Server 10g 10.1
- Oracle Database Server 10g 10.2.0.0
- Oracle Database Server 10g 10.2.0.1
- Oracle Database Server 10g 10.2.0.1 Release 2
- Oracle Database Server 10g 10.2.0.2
- Oracle Database Server 10g 10.2.0.2 Release 2
- Oracle Database Server 10g 10.2.0.3
- Oracle Database Server 10g 10.2.0.3 Release 2
- Oracle Database Server 10g 10.2.0.4.2
- Oracle Database Server 10g 10.2.0.4
- Oracle Database Server 10g 10.2.0.5
- Oracle Database Server 10g 10.2.1
- Oracle Database Server 10g 10.2.2
- Oracle Database Server 10g 10.2.3
- Oracle Database Server 10g 10.2
- Oracle Database Server 10g
- Oracle Database Server 11g 11.1.0.6.0 Release 1 Enterprise Edition
- Oracle Database 11g 11.1.0.6.0 Release 1 Enterprise Edition
- Oracle Database Server 11g 11.1.0.6
- Oracle Database Server 11g 11.1.0.7.0 Enterprise Edition
- Oracle Database Server 11g 11.1.0.7
- Oracle Database Server 11g 11.2.0.1.0 Enterprise Edition
- Oracle Database 11g 11.2.0.1.0 Release 2 Enterprise Edition
- Oracle Database Server 11g 11.2.0.1
- Oracle Database Server 11g 11.2.0.2
- Oracle Database Server 11g 11.2.0.3
- Oracle Database Server 11.2.0.4
- Oracle Database Server 11g
- Oracle Oracle10g Database Server 11g
- Oracle Database Server 12.1.0.1
- Oracle Database Server 12.1.0.2
- Oracle Database Server 12.2.0.1
- Oracle Database Server 12c
- Oracle Database Server 18.1.0.0
- Oracle Database Server 18.1
- Oracle Database Server 18.2
- Oracle Database Server 18
- Oracle Database Server 18c
- Oracle Database Server 19.10
- Oracle Database Server 19.11
- Oracle Database Server 19.12
- Oracle Database Server 19.13
- Oracle Database Server 19.14
- Oracle Database Server 19.15
- Oracle Database Server 19.16
- Oracle Database Server 19.17
- Oracle Database Server 19.18
- Oracle Database Server 19.19
- Oracle Database Server 19.1
- Oracle Database Server 19.20
- Oracle Database Server 19.20 Enterprise Edition
- Oracle Database Server 19.21
- Oracle Database Server 19.22
- Oracle Database Server 19.3
- Oracle Database Server 19.3 Enterprise Edition
- Oracle Database Server 19.4
- Oracle Database Server 19.5
- Oracle Database Server 19.6
- Oracle Database Server 19.7
- Oracle Database Server 19.8
- Oracle Database Server 19.9
- Oracle Database Server 19c
- Oracle Database Server 21.11 Enterprise Edition
- Oracle Database Server 21.3
- Oracle Database Server 21.3 Enterprise Edition
- Oracle Database Server 21C
- Oracle Database Server 4.0.8
- Oracle Database Server 4.0.8 Release 2
- Oracle Database Server 4.2.0
- Oracle Database Server 4.2.3
- Oracle Database Server 5.1
- Oracle Database Server 7.0.2
- Oracle Database Server 7.0.64
- Oracle Database Server 7.1.3
- Oracle Database Server 7.1.4
- Oracle Database Server 7.1.5
- Oracle Database Server 7.3.3
- Oracle Database Server 7.3.4
- Oracle Database Server 7.3
- Oracle Database Server 7
- Oracle Database Server 8.0.1
- Oracle Database Server 8.0.2
- Oracle Database Server 8.0.3
- Oracle Database Server 8.0.4
- +38 additional
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2003-0727, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2003-0727 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.