CVE-2002-0965

Name: CVE-2002-0965
Creator: NVD / NIST
Published: 2002-10-04T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 69.81%

Last modified Jun 16, 2026

CVE-2002-0965 is a vulnerability of currently unknown severity. Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file.. EPSS estimates a 69.81% chance of exploitation in the next 30 days.

Description

Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file.

Metrics

EPSS Probability

69.81%

99.3th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Oracle	Oracle9i	9.0
Oracle	Oracle9i	9.0.1
Oracle	Oracle9i	9.0.2

References

http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0096.html
http://online.securityfocus.com/archive/1/276526
http://otn.oracle.com/deploy/security/pdf/net9_dos_alert.pdfPatch, Vendor Advisory
http://www.iss.net/security_center/static/9288.php
http://www.kb.cert.org/vuls/id/630091US Government Resource
http://www.securityfocus.com/bid/4845Patch, Vendor Advisory
http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0096.html
http://online.securityfocus.com/archive/1/276526
http://otn.oracle.com/deploy/security/pdf/net9_dos_alert.pdfPatch, Vendor Advisory
http://www.iss.net/security_center/static/9288.php
http://www.kb.cert.org/vuls/id/630091US Government Resource
http://www.securityfocus.com/bid/4845Patch, Vendor Advisory

Timeline

Published: Oct 4, 2002
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2002-0965?

How severe is CVE-2002-0965?

Severity scoring for CVE-2002-0965 is pending analysis. The EPSS model estimates a 69.81% probability of exploitation in the next 30 days.

How do I fix CVE-2002-0965?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2002-0965?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST