Intrusion Prevention

Oracle.DBMS.SNAP.INTERNAL.Buffer.Overflow

Description

This indicates a possible exploit of a buffer overflow vulnerability in the SYS.DBMS_SNAP_INTERNAL package in Oracle, which can be triggered by execution of DELETE_REFRESH_OPERATIONS or GENERATE_REFRESH_OPERATIONS with long SNAP_OWNER or SNAP_NAME parameters.

Affected Products

Oracle Database 8i
Oracle Database 9i
Oracle Database 10gR1

Impact

System compromise.

Recommended Actions

Apply Patch that is available at the Oracle website
http://www.oracle.com/technology/deploy/security/critical-patch-updates/
cpuapr2007.html

CVE References

CVE-2007-2116