Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS SQL
Oracle
DB2
MS Access
MySQL
» RESOURCES
Database Tools
SQL Scripts & Samples
Links
» Database Forum
» Sitemap
Free Newsletters:
DatabaseDaily  
News Via RSS Feed


follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2
 

Featured Database Articles

Database News

Posted Feb 17, 2003

Buffer Overflow in TO_TIMESTAMP_TZ function of Oracle9i Database Server

By DatabaseJournal.com Staff

[From Oracle Technology Network]

A potential security vulnerability has been discovered in the TO_TIMESTAMP_TZ function of Oracle9i Database. A knowledgeable and malicious user can exploit a buffer overflow in this function.

This potential security vulnerability is fixed in the last patchset level for each database release on all platforms. It will be available in the Oracle9i Database Release 2 v 9.2.0.3 patchset. It is available on Oracle9i Database Release 2 v 9.2.0.2, Oracle9i Database Release 1 v 9.0.1.4, on Oracle8i Database v 8.1.7.4, on Oracle8i Database v 8.1.7.2 and on Oracle8i Database v 8.1.7.0. It is available for Oracle8 Database v 8.0.6 on demand.

Download currently available patches from Oracle Worldwide Support Services web site, Metalink (http://metalink.oracle.com).

Alert #50, Rev 2, Updated 14 February 2003
Patches are available on Metalink.

The article continues at http://otn.oracle.com/deploy/security/pdf/2003alert50.pdf



Database News Archives

Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 




Latest Forum Threads
Database News Forum
Topic By Replies Updated
Efficient SQL Server Indexing by Design lcole 0 April 30th, 12:38 PM
Mine Oracle Database, SQL Server and Other Databases with Monarch Data Pump Pro V10.5 lcole 0 April 30th, 12:37 PM
Oracle Database and Oracle Fusion Middleware for Private Social Network Application lcole 0 April 30th, 12:31 PM
Oracle Database Maintains a Stronghold in the DBMS Market lcole 0 April 30th, 12:30 PM