CVE-2004-1774

Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.

Date published : 2005-04-19

http://www.securityfocus.com/bid/13145

http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf