iDefense confirms the existence of three vulnerabilities in Oracle products

July 16, 2008

[From iDefense Labs]

iDefense confirms the existence of two vulnerabilities in Oracle Corp.'s Oracle Database product and one vulnerability in Oracle Corp.'s Oracle Internet Directory.

Oracle Database Local Untrusted Library Path Vulnerability

Local exploitation of an untrusted library path vulnerability in Oracle Corp.'s Oracle Database product allows attackers to gain elevated privileges.

Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability

Remote exploitation of a buffer overflow vulnerability in the DBMS_AQELM package in Oracle Corp.'s Oracle Database product allows attackers to execute arbitrary code with the privileges of the database user.

Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability

Remote exploitation of a pre-authentication input validation vulnerability in Oracle Corp.'s Oracle Internet Directory allows an attacker to conduct a denial of service attack on a vulnerable host.








The Network for Technology Professionals

Search:

About Internet.com

Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers