Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 DB:ORACLE:SDO_TOPO_DROP_FTBL

Severity

 Minor

Recommended

 No

Recommended Action

 Drop

Category

 DB

Keywords

 Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection

Release Date

 2009/02/26

Update Number

 1382

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

DB: Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection


This signature detects attempts to exploit a known vulnerability in Oracle Database MDSYS. A successful attack can allow an attacker to insert or remove data from a database. Valid authentication credentials are required to exploit this vulnerability.

Extended Description

Oracle has released the January 2009 critical patch update. The update addresses 41 vulnerabilities affecting the following software: Oracle Database Oracle Secure Backup Oracle TimesTen In-Memory Database Oracle Application Server Oracle Collaboration Suite Oracle E-Business Suite Release Oracle Enterprise Manager Grid Control PeopleSoft Enterprise HRMS JD Edwards Tools Oracle WebLogic Server (formerly BEA WebLogic Server) Oracle WebLogic Portal (formerly BEA WebLogic Portal)

Affected Products

  • Bea_systems weblogic_portal 10.0
  • Bea_systems weblogic_portal 10.0 MP1
  • Bea_systems weblogic_portal 10.2
  • Bea_systems weblogic_portal 10.3
  • Bea_systems weblogic_portal 8.1.0
  • Bea_systems weblogic_portal 8.1.0 SP1
  • Bea_systems weblogic_portal 8.1.0 SP2
  • Bea_systems weblogic_portal 8.1.0 SP3
  • Bea_systems weblogic_portal 8.1.0 SP4
  • Bea_systems weblogic_portal 8.1.0 SP5
  • Bea_systems weblogic_portal 8.1.0 SP6
  • Bea_systems weblogic_portal 9.2
  • Bea_systems weblogic_portal 9.2 MP3
  • Bea_systems weblogic_server 10.0
  • Bea_systems weblogic_server 10.0 MP1
  • Bea_systems weblogic_server 10.3
  • Bea_systems weblogic_server 7.0.0
  • Bea_systems weblogic_server 7.0.0 .0.1
  • Bea_systems weblogic_server 7.0.0 .0.1 SP 1
  • Bea_systems weblogic_server 7.0.0 .0.1 SP 2
  • Bea_systems weblogic_server 7.0.0 .0.1 SP 3
  • Bea_systems weblogic_server 7.0.0 .0.1 SP 4
  • Bea_systems weblogic_server 7.0.0 SP 1
  • Bea_systems weblogic_server 7.0.0 SP 2
  • Bea_systems weblogic_server 7.0.0 SP 3
  • Bea_systems weblogic_server 7.0.0 SP 4
  • Bea_systems weblogic_server 7.0.0 SP 5
  • Bea_systems weblogic_server 7.0.0 SP 6
  • Bea_systems weblogic_server 7.0.0 SP 7
  • Bea_systems weblogic_server 7.0 SP7
  • Bea_systems weblogic_server 8.1
  • Bea_systems weblogic_server 8.1.0
  • Bea_systems weblogic_server 8.1.0 SP 1
  • Bea_systems weblogic_server 8.1.0 SP 2
  • Bea_systems weblogic_server 8.1.0 SP 3
  • Bea_systems weblogic_server 8.1.0 SP 4
  • Bea_systems weblogic_server 8.1.0 SP 5
  • Bea_systems weblogic_server 8.1.0 SP 6
  • Bea_systems weblogic_server 9.0
  • Bea_systems weblogic_server 9.1
  • Bea_systems weblogic_server 9.2
  • Bea_systems weblogic_server 9.2 Maintenance Pack 3
  • Oracle collaboration_suite_release_1 10.1.2
  • Oracle e-business_suite_11i 11.5.10.2
  • Oracle e-business_suite_12 12.0.6
  • Oracle enterprise_manager_grid_control_10g 10.2.0.4
  • Oracle oracle10g_application_server 10.1.2 .2.0
  • Oracle oracle10g_application_server 10.1.2.3.0
  • Oracle oracle10g_application_server 10.1.3 .3.0
  • Oracle oracle10g_enterprise_edition 10.1.0 .5
  • Oracle oracle10g_enterprise_edition 10.2.0 .2
  • Oracle oracle10g_enterprise_edition 10.2.0.2 64 bit
  • Oracle oracle10g_enterprise_edition 10.2.0 .3
  • Oracle oracle10g_enterprise_edition 10.2.0.4
  • Oracle oracle10g_personal_edition 10.1.0.5
  • Oracle oracle10g_personal_edition 10.2.0 .2
  • Oracle oracle10g_personal_edition 10.2.0 .3
  • Oracle oracle10g_personal_edition 10.2.0.4
  • Oracle oracle10g_standard_edition 10.1.0 .5
  • Oracle oracle10g_standard_edition 10.2.0 .2
  • Oracle oracle10g_standard_edition 10.2.0 .3
  • Oracle oracle10g_standard_edition 10.2.0.4
  • Oracle oracle11g_enterprise_edition 11.1.0 6
  • Oracle oracle11g_standard_edition 11.1.0 6
  • Oracle oracle11g_standard_edition_one 11.1.0 6
  • Oracle oracle9i_enterprise_edition 9.2.0.8.0
  • Oracle oracle9i_enterprise_edition 9.2.0 .8DV
  • Oracle oracle9i_personal_edition 9.2.0 .8
  • Oracle oracle9i_personal_edition 9.2.0 .8DV
  • Oracle oracle9i_standard_edition 9.2.0.8
  • Oracle oracle9i_standard_edition 9.2.0 .8DV
  • Oracle secure_backup 10.1.0.1
  • Oracle secure_backup 10.1.0.2
  • Oracle secure_backup 10.1.0.3
  • Oracle secure_backup 10.2.0.2
  • Oracle secure_backup 10.2.0.3
  • Oracle timesten_in-memory_database 7.0.5.1.0
  • Oracle timesten_in-memory_database 7.0.5.2.0
  • Oracle timesten_in-memory_database 7.0.5.3.0
  • Oracle timesten_in-memory_database 7.0.5.4.0

References

  • BugTraq: 33177
  • CVE: CVE-2008-3979
  • URL: http://www.securityfocus.com/archive/1/500061
  • URL: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out