vendor:
Oracle Database
by:
Dennis Yurichev
7.5
CVSS
HIGH
Memory-Corruption
119
CWE
Product Name: Oracle Database
Affected Version From: 9.2.0.8
Affected Version To: 11.1.0.7
Patch Exists: YES
Related CWE: CVE-2010-0071
CPE: oracle:database
Platforms Tested: Windows, Linux, None
2010
Remote Memory-Corruption Vulnerability in Oracle Database Listener
The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker does not require privileges to exploit this vulnerability.
Mitigation:
Apply the patch provided by Oracle in CPUjan2010.