DB: Oracle SDO_CS.TRANSFORM_LAYER Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Oracle database TNS. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Multiple vulnerabilities affect various Oracle applications, including: Oracle Database Oracle Application Server Oracle Application Express Oracle Collaboration Suite Oracle E-Business Suite Oracle Pharmaceutical Applications Oracle PeopleSoft Enterprise PeopleTools and Portal Solutions JD Edwards EnterpriseOne JD Edwards OneWorld Tools Oracle has released a Critical Patch Update advisory for October 2006 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The Oracle advisory details 101 vulnerabilities in all. This BID will be updated as further analysis of the individual issues reveals more detailed information.
Affected Products
Oracle oracle9i_personal_edition
Short Name
DB:ORACLE:SDO_CS-TRANS-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
Buffer CVE-2006-5344 CVE-2006-5372 Oracle Overflow SDO_CS.TRANSFORM_LAYER bid:20588
Release Date
11/01/2006
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3728
False Positive
Unknown
Vendors
Oracle
Hp
CVSS Score
9.0