Oracle 8i and 9i with PL/SQL package for External Procedures (EXTPROC) allows remote attackers to bypass authentication and execute arbitrary functions by using the TNS Listener to directly connect to the EXTPROC process.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.01758Percentile:
0.81782
CVSS Scoring
CVSS v2 Score: 7.5
Severity:
Affected Products
cpe:2.3:a:oracle:database_server:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.1.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.1.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.1.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:8.1.7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:8.1.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:8.1.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:8.1.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:8.1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.0.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.0.6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.1.5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.1.6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle8i:enterprise_8.1.7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle9i:9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:oracle9i:9.0.1:*:*:*:*:*:*:*
← Back to Home
BrownCoat Threat Intelligence Platform | 2025 Steve Gray — You Can’t Take the Sky from Me