le Boundary Error within the MDSYS.MD2 Package
Schweregrad:: Hoch
CVE Kennungen:: CVE-2006-5334
Hinweisdatum: 04 Februar 2011
Beschreibung
cve: Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB03 is related to one or more of (1) a buffer overflow in the (a) RELATE function or (2) SQL injection in the (b) TESSELATE_FIXED and (c) TESSELATE function.
Trend Micro Lösungen
Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.
Betroffene Software und Version:
- Oracle Oracle10g Database Server 10.1.0.5
- Oracle Oracle9i Database Server 9.0.1.5
- Oracle Oracle9i Database Server 9.2.0.7