Description
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL.
Affected products
- oracle / applications10.7 – 10.7
- oracle / applications11.0 – 11.0
- oracle / e-business_suite11.1 – 11.1
- oracle / e-business_suite11.2 – 11.2
- oracle / e-business_suite11.3 – 11.3
- oracle / e-business_suite11.4 – 11.4
- oracle / e-business_suite11.5 – 11.5
- oracle / e-business_suite11.6 – 11.6
- oracle / e-business_suite11.7 – 11.7
- oracle / e-business_suite11.8 – 11.8
References
- VENDOR_ADVISORYhttp://otn.oracle.com/deploy/security/pdf/2003alert56.pdf
- MAILING_LISThttp://marc.info/?l=bugtraq&m=105906721920776&w=2