VULHUB ™

Oracle has reported that the XML Database functionality in Oracle 9i Release 2 is vulnerable to a remotely exploitable buffer overflow condition. The flaw can be exploited through the HTTP or FTP services, which are enabled by default. If the services are disabled, the vulnerabilities may still be exploited if the attack erhas valid database credentials. This vulnerability can be exploited to cause a denial or service or to compromise the database server. Oracle has stated that Oracle 9i Release 1 and prior are not affected. The Oracle advisory that prompted this alert is likely related to the vulnerabilities described in BID 8375.

Oracle has reported that the XML Database functionality in Oracle 9i Release 2 is vulnerable to a remotely exploitable buffer overflow condition. The flaw can be exploited through the HTTP or FTP services, which are enabled by default. If the services are disabled, the vulnerabilities may still be exploited if the attack erhas valid database credentials. This vulnerability can be exploited to cause a denial or service or to compromise the database server. Oracle has stated that Oracle 9i Release 1 and prior are not affected. The Oracle advisory that prompted this alert is likely related to the vulnerabilities described in BID 8375.