A buffer overflow vulnerability was found in the SYS_CONTEXT procedure in
Oracle Database Server allows a valid database user to execute arbitrary
code.
The vulnerability can be exploited by any valid database user with CONNECT privileges. The buffer overflow can then be exploited by calling the SYS_CONTEXT() function.
This module has two uses: One as a Remote Exploit, which needs authentication, and another as an SQL Injection OS Agent installer module, which needs an Oracle SQL Agent as a target.
Oracle Database Server allows a valid database user to execute arbitrary
code.
The vulnerability can be exploited by any valid database user with CONNECT privileges. The buffer overflow can then be exploited by calling the SYS_CONTEXT() function.
This module has two uses: One as a Remote Exploit, which needs authentication, and another as an SQL Injection OS Agent installer module, which needs an Oracle SQL Agent as a target.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name