Search, View and Navigation
Mailing List
[SingCERT] Oracle Database Vault Remote Security Vulnerability
Last Updated on Monday, 24 January 2011 10:40
[ Summary ]
Oracle Database Vault is prone to a remote security vulnerability.
Fixes are available.
[ Affected Systems ]
Oracle Oracle10g Enterprise Edition 10.2.0 .5 cpe:/a:oracle:database_server:10.2.0.5 NVD
Oracle Oracle10g Enterprise Edition 10.2.0.4 cpe:/a:oracle:database_server:10.2.0.4 NVD
Oracle Oracle10g Personal Edition 10.2.0 .3 cpe:/a:oracle:database_server:10.2.0.3 NVD
Oracle Oracle10g Personal Edition 10.2.0 .5 cpe:/a:oracle:database_server:10.2.0.5 NVD
Oracle Oracle10g Personal Edition 10.2.0.4 cpe:/a:oracle:database_server:10.2.0.4 NVD
Oracle Oracle10g Standard Edition 10.2.0 .3 cpe:/a:oracle:database_server:10.2.0.3 NVD
Oracle Oracle10g Standard Edition 10.2.0 .5 cpe:/a:oracle:database_server:10.2.0.5 NVD
Oracle Oracle10g Standard Edition 10.2.0.4 cpe:/a:oracle:database_server:10.2.0.4 NVD
Oracle Oracle11g Standard Edition 11.1.0 .7 cpe:/a:oracle:database_server:11.1.0.7::standard SYMC
Oracle Oracle11g Standard Edition 11.2.0.1 R2 cpe:/a:oracle:database_server:11.2.0.1:standard:R2 SYMC
[ Impact Analysis ]
Currently there are enough technical details to depict the effect.
The vulnerability can be exploited over the ‘HTTP’ protocol. An attacker does not require privileges to exploit this vulnerability.
[ Solution/Workaround ]
Vendor updates are available. Please contact the vendor for more information.
[ Reference ]
- http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
| < Prev | Next > |
|---|