Oracle Enterprise Manager Agent buffer overflow

Added: 11/30/2005
CVE: CVE-2005-3460
BID: 15146
OSVDB: 20664

Background

Oracle Application Server 10g includes the emagent.exe program which listens for connections on port 1830/TCP by default.

Problem

A buffer overflow vulnerability in emagent.exe could allow a remote attacker to execute arbitrary commands.

Resolution

See the October 2005 Oracle Critical Patch Update.

References

http://www.securityfocus.com/archive/1/413957

Platforms

Windows 2000
Windows XP
Windows Server 2003

Back to exploit index