database_server 缓冲区溢出未指明漏洞

admin

0
文章

0
评论

2023-12-13 07:00:48 Ali_nvd 来源：ZONE.CI 全球网 0 阅读模式

database_server 缓冲区溢出未指明漏洞

CVE编号

CVE-2007-2114

利用情况

暂无

补丁情况

N/A

披露时间

2007-04-19

漏洞描述

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact and remote authenticated attack vectors, related to (1) Change Data Capture (CDC), aka DB08, and (2) Oracle Instant Client, aka DB11. NOTE: as of 20070424, oracle has not disputed reliable claims that these issues are buffer overflows using a long CHANGE_TABLE_NAME parameter to the DBMS_CDC_IPUBLISH.CHGTAB_CACHE procedure (DB08) and Oracle Instant Client genezi utility (DB11).

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_Apr...
http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf
http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html
http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html
http://www.securityfocus.com/archive/1/466329/100/200/threaded
http://www.securityfocus.com/bid/23532
http://www.securitytracker.com/id?1017927
http://www.us-cert.gov/cas/techalerts/TA07-108A.html
http://www.vupen.com/english/advisories/2007/1426