le Boundary Error within the MDSYS.MD2 Package
Severity: HIGH
CVE Identifier: CVE-2006-5334
Advisory Date: FEB 04, 2011
DESCRIPTION
cve: Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB03 is related to one or more of (1) a buffer overflow in the (a) RELATE function or (2) SQL injection in the (b) TESSELATE_FIXED and (c) TESSELATE function.
TREND MICRO PROTECTION INFORMATION
Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.
AFFECTED SOFTWARE AND VERSION
- Oracle Oracle10g Database Server 10.1.0.5
- Oracle Oracle9i Database Server 9.0.1.5
- Oracle Oracle9i Database Server 9.2.0.7