Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Tips Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS Access
SQL Scripts & Samples
» Database Forum
» Slideshows
Free Newsletters:

News Via RSS Feed

Database Journal |DBA Support |SQLCourse |SQLCourse2

Featured Database Articles

Database News

Posted Feb 17, 2003

Buffer Overflow in TO_TIMESTAMP_TZ function of Oracle9i Database Server

By DatabaseJournal.com Staff

[From Oracle Technology Network]

A potential security vulnerability has been discovered in the TO_TIMESTAMP_TZ function of Oracle9i Database. A knowledgeable and malicious user can exploit a buffer overflow in this function.

This potential security vulnerability is fixed in the last patchset level for each database release on all platforms. It will be available in the Oracle9i Database Release 2 v patchset. It is available on Oracle9i Database Release 2 v, Oracle9i Database Release 1 v, on Oracle8i Database v, on Oracle8i Database v and on Oracle8i Database v It is available for Oracle8 Database v 8.0.6 on demand.

Download currently available patches from Oracle Worldwide Support Services web site, Metalink (http://metalink.oracle.com).

Alert #50, Rev 2, Updated 14 February 2003
Patches are available on Metalink.

The article continues at http://otn.oracle.com/deploy/security/pdf/2003alert50.pdf

Database News Archives

Latest Forum Threads
Database News Forum
Topic By Replies Updated
Efficient SQL Server Indexing by Design lcole 0 April 30th, 12:38 PM
Mine Oracle Database, SQL Server and Other Databases with Monarch Data Pump Pro V10.5 lcole 0 April 30th, 12:37 PM
Oracle Database and Oracle Fusion Middleware for Private Social Network Application lcole 0 April 30th, 12:31 PM
Oracle Database Maintains a Stronghold in the DBMS Market lcole 0 April 30th, 12:30 PM