Oracle Database Server MDSYS.SDO_CS缓冲区溢出漏洞

2007-10-31T00:00:00
ID SSV:2359
Type seebug
Reporter Root
Modified 2007-10-31T00:00:00

Description

Oracle Database Server是一款商业性质的功能强大的数据库服务程序。 Oracle Database Server处理MDSYS.SDO_CS.TRANSFORM函数存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 Oracle Database Server提供的MDSYS.SDO_CS包包含子程序用于与协作系统工作。此包TRANSFORM过程处理存在缓冲区溢出,任何对MDSYS.SDO_CS有执行权限的Oracle数据库用户可利用此漏洞。

Oracle Oracle9i Standard Edition 9.2 .6 Oracle Oracle9i Standard Edition 9.2 .3 Oracle Oracle9i Standard Edition 9.2 .2 Oracle Oracle9i Standard Edition 9.2 .2 Oracle Oracle9i Standard Edition 9.2 .1 Oracle Oracle9i Standard Edition 9.2 .1 Oracle Oracle9i Standard Edition 9.2 .0.5 Oracle Oracle9i Standard Edition 9.2 .0.3 Oracle Oracle9i Standard Edition 9.2 .0.2 Oracle Oracle9i Standard Edition 9.2 .0.1 Oracle Oracle9i Standard Edition 9.2 Oracle Oracle9i Standard Edition 9.0.4 Oracle Oracle9i Standard Edition 9.0.2 Oracle Oracle9i Standard Edition 9.0.1 .5 FIPS Oracle Oracle9i Standard Edition 9.0.1 .5 Oracle Oracle9i Standard Edition 9.0.1 .4 Oracle Oracle9i Standard Edition 9.0.1 .3 Oracle Oracle9i Standard Edition 9.0.1 .2 Oracle Oracle9i Standard Edition 9.0.1 Oracle Oracle9i Standard Edition 9.0 .2.4 Oracle Oracle9i Standard Edition 9.0 Oracle Oracle9i Standard Edition 8.1.7 Oracle Oracle9i Personal Edition 9.2 .6 Oracle Oracle9i Personal Edition 9.2 .0.5 Oracle Oracle9i Personal Edition 9.2 .0.3 Oracle Oracle9i Personal Edition 9.2 .0.2 Oracle Oracle9i Personal Edition 9.2 .0.1 Oracle Oracle9i Personal Edition 9.2 Oracle Oracle9i Personal Edition 9.0.4 Oracle Oracle9i Personal Edition 9.0.1 .5 FIPS Oracle Oracle9i Personal Edition 9.0.1 .5 Oracle Oracle9i Personal Edition 9.0.1 .4 Oracle Oracle9i Personal Edition 9.0.1 Oracle Oracle9i Personal Edition 9.0 .2.4 Oracle Oracle9i Personal Edition 8.1.7 Oracle Oracle8i Standard Edition 8.1.7 .4 Oracle Oracle8i Standard Edition 8.1.7 .4 Oracle Oracle8i Standard Edition 8.1.7 .1 Oracle Oracle8i Standard Edition 8.1.7 .0.0 Oracle Oracle8i Standard Edition 8.1.7 Oracle Oracle8i Standard Edition 8.1.6 Oracle Oracle8i Standard Edition 8.1.5 Oracle Oracle8i Standard Edition 8.1 x Oracle Oracle8i Standard Edition 8.0.6 .3 Oracle Oracle8i Standard Edition 8.0.6 Oracle Oracle8i Standard Edition 8.0 x Oracle Oracle8i Enterprise Edition 8.1.7 .4 Oracle Oracle8i Enterprise Edition 8.1.7 .1.0 Oracle Oracle8i Enterprise Edition 8.1.7 .0.0 Oracle Oracle8i Enterprise Edition 8.1.6 .1.0 Oracle Oracle8i Enterprise Edition 8.1.6 .0.0 Oracle Oracle8i Enterprise Edition 8.1.5 .1.0 Oracle Oracle8i Enterprise Edition 8.1.5 .0.2 Oracle Oracle8i Enterprise Edition 8.1.5 .0.0 Oracle Oracle8i Enterprise Edition 8.0.6 .0.1 Oracle Oracle8i Enterprise Edition 8.0.6 .0.0 Oracle Oracle8i Enterprise Edition 8.0.5 .0.0 Oracle Oracle10g Standard Edition 10.2 .3 Oracle Oracle10g Standard Edition 10.2 .2 Oracle Oracle10g Standard Edition 10.2 .1 Oracle Oracle10g Standard Edition 10.1 .4 Oracle Oracle10g Standard Edition 10.1 .0.5 Oracle Oracle10g Standard Edition 10.1 .0.4 Oracle Oracle10g Standard Edition 10.1 .0.3.1 Oracle Oracle10g Standard Edition 10.1 .0.3 Oracle Oracle10g Standard Edition 10.1 .0.2 Oracle Oracle10g Personal Edition 10.1 .4 Oracle Oracle10g Personal Edition 10.1 .0.4 Oracle Oracle10g Personal Edition 10.1 .0.3.1 Oracle Oracle10g Personal Edition 10.1 .0.3 Oracle Oracle10g Personal Edition 10.1 .0.2 Oracle Oracle10g Enterprise Edition 10.1 .5 Oracle Oracle10g Enterprise Edition 10.1 .5 Oracle Oracle10g Enterprise Edition 10.1 .4 Oracle Oracle10g Enterprise Edition 10.1 .0.4 Oracle Oracle10g Enterprise Edition 10.1 .0.3.1 Oracle Oracle10g Enterprise Edition 10.1 .0.3 Oracle Oracle10g Enterprise Edition 10.1 .0.2

可参考如下安全公告获得补丁信息: <a href="http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2007.html" target="_blank">http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2007.html</a>