Secunia
Login
|
|
CVE Reference: CVE-2009-1979 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-1979 |
|
|
Description: Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an independent researcher that this is related to improper validation of the AUTH_SESSKEY parameter length that leads to arbitrary code execution. |
|
|
CVE Status: Candidate |
|
|
References: ST 1023057 SAID Secunia Advisory: SA37027 OSVDB 59110 MISC http://blogs.conus.info/node/28 CONFIRM http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html CERT http://www.us-cert.gov/cas/techalerts/TA09-294A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/507598/100/0/threaded BID 36747 |
|
| Return to the previous page. |
