Oracle 4月更新修复多个安全漏洞
欢迎进入Oracle社区论坛,与200万技术人员互动交流 >>进入 受影响系统: Oracle E-Business Suite 11i 11.5.7 - 11.5.10 CU2 Oracle Enterprise Manager 9.2.0.8 Oracle Enterprise Manager 9.2.0.7 Oracle Enterprise Manager 9.0.1.5 Oracle Database 10g
欢迎进入Oracle社区论坛,与200万技术人员互动交流 >>进入
受影响系统:
- Oracle E-Business Suite 11i 11.5.7 - 11.5.10 CU2
- Oracle Enterprise Manager 9.2.0.8
- Oracle Enterprise Manager 9.2.0.7
- Oracle Enterprise Manager 9.0.1.5
- Oracle Database 10g Release 1 10.1.0.5
- Oracle Database 10g Release 1 10.1.0.4
- Oracle Oracle9i Database Server Release 2 9.2.0.8
- Oracle Oracle9i Database Server Release 2 9.2.0.7
- Oracle Application Server 10g (9.0.4) 9.0.4.3
- Oracle Application Server 10g (9.0.4) 9.0.4.3
- Oracle Application Server 10g Release 2 10.1.2.2.0
- Oracle Application Server 10g Release 2 10.1.2.1.0
- Oracle Application Server 10g Release 2 10.1.2.0.0 - 10.1.2.0.2
- Oracle Database 10g Release 2 10.2.0.3
- Oracle Database 10g Release 2 10.2.0.2
- Oracle JD Edwards EnterpriseOne Tools 8.96
- Oracle JD Edwards OneWorld Tools SP23
- Oracle PeopleSoft Enterprise PeopleTools 8.48
- Oracle PeopleSoft Enterprise PeopleTools 8.47
- Oracle PeopleSoft Enterprise PeopleTools 8.22
- Oracle Secure Enterprise Search 10g Release 1 10.1.6
- Oracle Oracle10g Collaboration Suite Release 1 10.1.2
- Oracle Oracle E-Business Suite Release 12 12.0.0
- Oracle PeopleSoft Enterprise Human Capital Management 8.9
描述:
Oracle Database是一款商业性质大型数据库系统。
Oracle发布了2007年4月的紧急补丁更新公告,修复了多个Oracle产品中的多个漏洞。这些漏洞影响Oracle产品的所有安全属性,可导致本地和远程的威胁。其中一些漏洞可能需要各种级别的授权,但也有些不需要任何授权。最严重的漏洞可能导致完全入侵数据库系统。目前已知的漏洞包括:
- 1 攻击者可以绕过Oracle数据库的登录触发器(logon trigger)。登录触发器用于限制用户访问,因此这可能导致严重的安全问题;
- 2 DBMS_UPGRADE_INTERNAL和DBMS_AQADM_SYS软件包中存在SQL注入漏洞;
- 3 Oracle Secure Enterprise Search 10g的boundary_rules.jsp文件中EXPTYPE参数可能导致跨站脚本漏洞;
- 4 Oracle Discoverer Servlet中包含有database/tns别名的字段,攻击者可以通过这个字段发送TNS STOP命令关闭未受到保护的Oracle TNS Listener。
厂商补丁:
Oracle已经为此发布了一个安全公告(cpuapr2007)以及相应补丁:
cpuapr2007:Oracle Critical Patch Update - April 2007
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
This Apple ID is not yet in use in the iTunes Store: Fix
Jun 10, 2024 pm 05:42 PM
When logging into iTunesStore using AppleID, this error saying "This AppleID has not been used in iTunesStore" may be thrown on the screen. There are no error messages to worry about, you can fix them by following these solution sets. Fix 1 – Change Shipping Address The main reason why this prompt appears in iTunes Store is that you don’t have the correct address in your AppleID profile. Step 1 – First, open iPhone Settings on your iPhone. Step 2 – AppleID should be on top of all other settings. So, open it. Step 3 – Once there, open the “Payment & Shipping” option. Step 4 – Verify your access using Face ID. step
How long will Oracle database logs be kept?
May 10, 2024 am 03:27 AM
The retention period of Oracle database logs depends on the log type and configuration, including: Redo logs: determined by the maximum size configured with the "LOG_ARCHIVE_DEST" parameter. Archived redo logs: Determined by the maximum size configured by the "DB_RECOVERY_FILE_DEST_SIZE" parameter. Online redo logs: not archived, lost when the database is restarted, and the retention period is consistent with the instance running time. Audit log: Configured by the "AUDIT_TRAIL" parameter, retained for 30 days by default.
The order of the oracle database startup steps is
May 10, 2024 am 01:48 AM
The Oracle database startup sequence is: 1. Check the preconditions; 2. Start the listener; 3. Start the database instance; 4. Wait for the database to open; 5. Connect to the database; 6. Verify the database status; 7. Enable the service (if necessary ); 8. Test the connection.
Windows cannot access the specified device, path, or file
Jun 18, 2024 pm 04:49 PM
A friend's computer has such a fault. When opening "This PC" and the C drive file, it will prompt "Explorer.EXE Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the project." Including folders, files, This computer, Recycle Bin, etc., double-clicking will pop up such a window, and right-clicking to open it is normal. This is caused by a system update. If you also encounter this situation, the editor below will teach you how to solve it. 1. Open the registry editor Win+R and enter regedit, or right-click the start menu to run and enter regedit; 2. Locate the registry "Computer\HKEY_CLASSES_ROOT\PackagedCom\ClassInd"
How much memory does oracle require?
May 10, 2024 am 04:12 AM
The amount of memory required by Oracle depends on database size, activity level, and required performance level: for storing data buffers, index buffers, executing SQL statements, and managing the data dictionary cache. The exact amount is affected by database size, activity level, and required performance level. Best practices include setting the appropriate SGA size, sizing SGA components, using AMM, and monitoring memory usage.
Windows permanently pauses updates, Windows turns off automatic updates
Jun 18, 2024 pm 07:04 PM
Windows updates may cause some of the following problems: 1. Compatibility issues: Some applications, drivers, or hardware devices may be incompatible with new Windows updates, causing them to not work properly or crash. 2. Performance issues: Sometimes, Windows updates may cause the system to become slower or experience performance degradation. This may be due to new features or improvements requiring more resources to run. 3. System stability issues: Some users reported that after installing Windows updates, the system may experience unexpected crashes or blue screen errors. 4. Data loss: In rare cases, Windows updates may cause data loss or file corruption. This is why before making any important updates, back up your
iPhone stuck in airplane mode: How to fix it
Jun 15, 2024 pm 02:16 PM
Airplane mode is very convenient in some situations. However, the same airplane mode may give you a headache if your iPhone suddenly gets stuck on it. In this article, we have designed this set of solutions to get your iPhone out of airplane mode. Quick fix – 1. Try disabling Airplane Mode directly from Control Center. 2. If you are unable to disable Airplane Mode from Control Center, you can disable Airplane Mode directly from the Settings tab – If these tips don’t work, follow the fixes below to resolve the issue. Fix 1 – Force Restart Your Device The process of force restarting your device is very simple. All you have to do is follow these step-by-step instructions. Step 1 – You can start the process by pressing and releasing the Volume Up button. step
How to see the number of occurrences of a certain character in Oracle
May 09, 2024 pm 09:33 PM
To find the number of occurrences of a character in Oracle, perform the following steps: Get the total length of a string; Get the length of the substring in which a character occurs; Count the number of occurrences of a character by subtracting the substring length from the total length.
