| CNNVD-ID编号 | CNNVD-200610-230 | CVE编号 | CVE-2006-5343 |
| 发布时间 | 2006-10-17 | 更新时间 | 2006-10-18 |
| 漏洞类型 | 资料不足 | 漏洞来源 | Oracle credits the following people with the discovery of these vulnerabilities: Johannes Fahrenkrug; Sacha Faust of S.P.I. Dynamics, Inc.; Esteban Martinez Fayo of Application Security, Inc.; Alexander Kornbrust of Red Database Security GmbH; David Litch |
| 危险等级 | 超危 | 威胁类型 | 远程 |
| 厂商 | oracle | ||
Oracle Database是一款商业性质大型数据库系统。
Oracle Database 10.1.0.3的Database Scheduler组件中存在未明漏洞,具有未知的影响和与sys.dbms_scheduler相关的不明远程认证攻击向量,又称为Vuln# DB19。
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
Oracle HTML DB 1.5
Oracle apex_2.2.1.zip
http://www.oracle.com/technology/software/htdocs/devlic.html?url=
http: //download.oracle.com/otn/java/appexpress/apex_2.2.1.zip
Oracle HTML DB 1.6.1
Oracle apex_2.2.1.zip
http://www.oracle.com/technology/software/htdocs/devlic.html?url=
http: //download.oracle.com/otn/java/appexpress/apex_2.2.1.zip
Oracle HTML DB 2.0
Oracle apex_2.2.1.zip
http://www.oracle.com/technology/software/htdocs/devlic.html?url=
http: //download.oracle.com/otn/java/appexpress/apex_2.2.1.zip
来源: TA06-291A
名称: TA06-291A
来源: BID
名称: 20588
来源: www.oracle.com
链接:http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html
来源: VUPEN
名称: ADV-2006-4065
来源: HP
名称: SSRT061201
链接:http://www.securityfocus.com/archive/1/archive/1/449711/100/0/threaded
来源: BUGTRAQ
名称: 20061018 Analysis of the Oracle October 2006 Critical Patch Update
链接:http://www.securityfocus.com/archive/1/archive/1/449110/100/0/threaded
来源: MISC
链接:http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html
来源: MISC
链接:http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf
来源: SECTRACK
名称: 1017077
计算
安全
数据库
网络和加速
企业服务
