Trend Micro Security

le Boundary Error within the MDSYS.MD2 Package

2011年2月4日
  危険度: :
  CVE識別番号: CVE-2006-5334

  概要

cve: Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB03 is related to one or more of (1) a buffer overflow in the (a) RELATE function or (2) SQL injection in the (b) TESSELATE_FIXED and (c) TESSELATE function.

  トレンドマイクロの対策

Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.

  影響を受けるソフトウェア

  • Oracle Oracle10g Database Server 10.1.0.5
  • Oracle Oracle9i Database Server 9.0.1.5
  • Oracle Oracle9i Database Server 9.2.0.7