CVE-2006-0287

Oracle HTTP Server <10.1.0.5-10.1.2.0.2 - Unspecified

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0287. PoCs published by Argeniss.

AI-analyzed exploit summary This exploit demonstrates a buffer overflow in Oracle Database 10g Release 1 via the DBMS_XMLSCHEMA.GENERATESCHEMA procedure. It includes shellcode for Windows (file creation) and Linux (reverse shell on port 4444).

Description

Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and Application Server 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS02.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Argeniss · textlocalwindows

https://www.exploit-db.com/exploits/1455

View Code ZIP pw:eip

This exploit demonstrates a buffer overflow in Oracle Database 10g Release 1 via the DBMS_XMLSCHEMA.GENERATESCHEMA procedure. It includes shellcode for Windows (file creation) and Linux (reverse shell on port 4444).

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Oracle Database 10g Release 1

Auth required

Prerequisites: Access to Oracle Database with privileges to execute DBMS_XMLSCHEMA.GENERATESCHEMA

MITRE ATT&CK