Oracle 製品に複数の脆弱性
http://jvn.jp/tr/TRTA07-108A
JVNRSS based Status Tracking Notes: Oracle 製品およびそのコンポーネントに複数の脆弱性が存在します。
JVNRSS Feasibility Study Team
jvn@jvn.jp
TRTA07-108A
2007-04-20T23:45+09:00
2007-04-20T08:45+09:00
2007-04-20T23:45+09:00
-
Oracle Critical Patch Update - April 2007
http://otn.oracle.co.jp/security/070417_78/top.html
日本オラクル
http://www.us-cert.gov/cas/techalerts/TA07-108A.html
2007-04-20T11:16+00:00
2007-04-20T11:16+00:00
2007-04-20T11:16+00:00
-
Oracle Releases Patches for Multiple Vulnerabilities
http://www.us-cert.gov/cas/techalerts/TA07-108A.html
US-CERT メーリングリスト経由で Technical Cyber Security Alert 受信
US-CERT
TA07-108A
2007-04-18T18:09-04:00
2007-04-18T18:09-04:00
2007-04-18T18:09-04:00
-
Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL
http://www.appsecinc.com/resources/alerts/oracle/2007-07.shtml
Oracle Database Vuln# DB10
Application Security Inc.
http://www.us-cert.gov/cas/techalerts/TA07-108A.html
2007-04-18T14:20-04:00
2007-04-18T14:20-04:00
2007-04-18T14:20-04:00
-
Database Security Brief: The Oracle Critical Patch Update for April 2007
http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf
NGSSoftware
http://www.us-cert.gov/cas/techalerts/TA07-108A.html
2007-04-18T16:02+01:00
2007-04-18T16:02+01:00
2007-04-18T16:02+01:00
-
Oracle E-Business Suite Arbitrary Node Deletion Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-016.html
(CVE-2007-2170)
脆弱性の存在を確認
Zero Day Initiative (ZDI)
ZDI-07-016
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2170
2006-12-14
2006-12-14
2006-12-14
-
Oracle E-Business Suite Arbitrary Document Download Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-017.html
(CVE-2007-0714)
脆弱性の存在を確認
Zero Day Initiative (ZDI)
ZDI-07-017
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2135
2006-12-14
2006-12-14
2006-12-14
-
Bypass Oracle Logon Trigger (7826485) [DB05]
http://www.red-database-security.com/advisory/bypass_oracle_logon_trigger.html
脆弱性をベンダに報告
Red-Database-Security
http://www.us-cert.gov/cas/techalerts/TA07-108A.html
2006-06-07
2006-06-07
2006-06-07
-
SQL Injection in package SYS.DBMS_UPGRADE_INTERNAL (6980753) [DB07]
http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_upgrade_internal.html
脆弱性をベンダに報告
Red-Database-Security
http://www.us-cert.gov/cas/techalerts/TA07-108A.html
2005-11-01
2005-11-01
2005-11-01
-
Cross-Site-Scripting Vulnerability in Oracle Secure Enterprise Search - SES01
http://www.red-database-security.com/advisory/oracle_css_ses.html
脆弱性をベンダに報告
Red-Database-Security
http://www.us-cert.gov/cas/techalerts/TA07-108A.html
2005-04-05
2005-04-05
2005-04-05
-
Shutdown unprotected Oracle TNS Listener via Oracle Discoverer Servlet (6085705) [AS01]
http://www.red-database-security.com/advisory/oracle_discoverer_servlet.html
脆弱性をベンダに報告
Red-Database-Security
http://www.us-cert.gov/cas/techalerts/TA07-108A.html
2003-10-28
2003-10-28
2003-10-28