Oracle Spatial component SDO_CS.TRANSFORM_LAYER buffer overflow

Added: 10/26/2006
CVE: CVE-2006-5344
BID: 20588
OSVDB: 31462

Background

The Oracle Spatial (formerly SDO) component of Oracle Database provides a set of functions which process multi-dimensional data.

Problem

A buffer overflow in the Oracle Spatial component allows an attacker with EXECUTE privileges on the SDO_CS.TRANSFORM_LAYER function to execute arbitrary commands.

Resolution

Apply the patch referenced in the October 2006 Oracle Critical Patch Update.

References

http://www.us-cert.gov/cas/techalerts/TA06-291A.html
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html

Limitations

Exploit works on Oracle Database 10.1.0.2 and 9.2.0.1.

Exploit requires a the login and password of a database user with privileges to create functions. The default "scott" user has sufficient privileges, but is disabled by default in Oracle Database 10g.

Platforms

Windows

Back to exploit index