Oracle Database Multiple Vulnerabilities

Last Update Date: 17 Jul 2013 12:59 Release Date: 17 Jul 2013 3375 Views

RISK: High Risk

High Risk

TYPE: Servers - Database Servers

TYPE: Database Servers

Several vulnerabilities were identified in Oracle Database. A remote or remote authenticated user can execute arbitrary code on the target system. A remote authenticated user can partially access and modify data on the target system, and cause partial denial of service conditions. A local user can obtain elevated privileges on the target system.

  1. A remote user can send specially crafted data to trigger a flaw in the XML Parser component and execute arbitrary code on the target system.
  2. A remote authenticated user can send specially crafted data to trigger a flaw in the Network Layer component and execute arbitrary code on the target system.
  3. A local user can exploit a flaw in an Oracle executable component to gain elevated privileges.
  4. A remote authenticated user can partially access and modify data and cause partial denial of service conditions on the target system. The Core RDBMS component is affected.
  5. A remote authenticated user can partially modify data on the target system

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Data Manipulation

System / Technologies affected

  • Version 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3; and prior versions

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix.

Vulnerability Identifier

Source

Related Link

Share with

Previous

MySQL Multiple Vulnerabilities

17 Jul 2013 3464 Views

Next

Oracle Products Multiple Vulnerabilities

18 Jul 2013 3417 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY