TRTA06-018A
Oracle 製品群に複数の脆弱性
様々な Oracle 製品およびそのコンポーネントに複数の脆弱性が存在します。
影響を受けるシステム
- Oracle Database 10g
- Oracle9i Database
- Oracle8i Database
- Oracle Enterprise Manager 10g Grid Control
- Oracle Application Server 10g
- Oracle9i Application Server
- Oracle Collaboration Suite 10g
- Oracle9i Collaboration Suite
- Oracle E-Business Suite Release 11i
- Oracle E-Business Suite Release 11.0
- JD Edwards EnterpriseOne, OneWorld Tools
- PeopleSoft Enterprise Portal
- Oracle Workflow
詳しくは、ベンダの提供する情報をご確認ください。
日時 (JST) | 内容 |
2003-08-26 | Red-Database-Security Read parts of any XML-file via customize parameter in Oracle Reports (CAN-2005-2371) を確認 |
2003-08-27 | Red-Database-Security Read parts of any file via desformat in Oracle Reports (CAN-2005-2378) を確認 |
2005-07-11 | Red-Database-Security Event 10053 logs TDE wallet password in cleartext を確認 |
2005-07-11 | Red-Database-Security Transparent Data Encryption stores key unencrypted in the SGA を確認 |
2005-10 | Imperva Oracle DBMS - Critical Access Control Bypass in Login Bug を確認 |
2005-11-01 | Red-Database-Security SQL Injection in package SYS.DBMS_METADATA_UTIL を確認 |
2005-11-01 | Red-Database-Security SQL Injection in package SYS.KUPV$FT を確認 |
2005-11-01 | Red-Database-Security SQL Injection in package SYS.KUPV$FT_INT を確認 |
2006-01-17 (米国日付) | Oracle Critical Patch Update - January 2006 を Web 公開 |
2006-01-19 07:11 |
US-CERT メーリングリスト経由で TA06-018A が届く
#Post-Date: Wed, 18 Jan 2006 17:11:10 -0500 |
- Technical Cyber Security Alert TA06-018A
Oracle Products Contain Multiple Vulnerabilities - Vendor Status Note JVNTA06-018A
Oracle 製品群に複数の脆弱性