Lucene search
PRIOn knowledge basePRION:CVE-2014-6567HistoryJan 21, 2015 - 3:28 p.m.
Stack overflow
2015-01-2115:28:00
PRIOn knowledge base
www.prio-n.com
8
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher’s claim that this is a stack-based buffer overflow in DBMS_AW.EXECUTE, which allows code execution via a long Current Directory Alias (CDA) command.
| CPE | Name | Operator | Version |
|---|---|---|---|
| database_server | eq | 12.1.0.2 | |
| database_server | eq | 11.2.0.4 | |
| database_server | eq | 11.2.0.3 | |
| database_server | eq | 12.1.0.1 | |
| database_server | eq | 11.1.0.7 |
Related
cvelist
cvelist
CVE-2014-6567
2015-01-21 15:00:00
cve
cve
CVE-2014-6567
2015-01-21 15:28:06
nvd
nvd
CVE-2014-6567
2015-01-21 15:28:06
thn
thn
Oracle releases 169 Updates, Including 19 Patches for JAVA Vulnerabilities
2015-01-21 08:36:00
nessus
nessus
Oracle Database Multiple Vulnerabilities (January 2015 CPU)
2015-01-22 00:00:00
ibm
ibm
openvas
openvas
Oracle Database Server Multiple Unspecified Vulnerabilities -05 (Jan 2016)
2016-01-25 00:00:00
securityvulns
securityvulns
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2015-01-25 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00