| CNNVD-ID编号 | CNNVD-200610-235 |
| CVE编号 | CVE-2006-5357 |
| 发布时间 | 2006-10-17 |
| 更新时间 | 2006-10-18 |
| 漏洞类型 | 资料不足 |
| 漏洞来源 | Oracle credits the following people with the discovery of these vulnerabilities: Johannes Fahrenkrug; Sacha Faust of S.P.I. Dynamics, Inc.; Esteban Martinez Fayo of Application Security, Inc.; Alexander Kornbrust of Red Database Security GmbH; David Litch |
| 危险等级 | 超危 |
| 威胁类型 | 远程 |
| 厂 商 | oracle |
Oracle Application Server是一个全面的集成应用服务器。
Oracle Application Server 10.1.2.0.1,10.1.2.0.2和10.1.2.1.0的Oracle HTTP Server组件存在不明漏洞,具有未知的影响和与PHP模块相关的不明远程攻击向量,又称为Vuln# OHS03。
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
Oracle HTML DB 1.5
Oracle apex_2.2.1.zip
http://www.oracle.com/technology/software/htdocs/devlic.html?url=
http: //download.oracle.com/otn/java/appexpress/apex_2.2.1.zip
Oracle HTML DB 1.6.1
Oracle apex_2.2.1.zip
http://www.oracle.com/technology/software/htdocs/devlic.html?url=
http: //download.oracle.com/otn/java/appexpress/apex_2.2.1.zip
Oracle HTML DB 2.0
Oracle apex_2.2.1.zip
http://www.oracle.com/technology/software/htdocs/devlic.html?url=
http: //download.oracle.com/otn/java/appexpress/apex_2.2.1.zip
来源: TA06-291A
名称: TA06-291A
来源: BID
名称: 20588
来源: www.oracle.com
链接:http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html
来源: VUPEN
名称: ADV-2006-4065
来源: HP
名称: HPSBMA02133
链接:http://www.securityfocus.com/archive/1/archive/1/449711/100/0/threaded
来源: MISC
链接:http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html
来源: SECTRACK
名称: 1017077