Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 DB:ORACLE:SDO_TOPO_DROP_FTBL

Severity

 Medium

Recommended

 No

Recommended Action

 Drop

Category

 DB

Keywords

 Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection

Release Date

 2009/02/26

Update Number

 1382

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DB: Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection


This signature detects attempts to exploit a known vulnerability in Oracle Database MDSYS. A successful attack can allow an attacker to insert or remove data from a database. Valid authentication credentials are required to exploit this vulnerability.

Extended Description

Oracle has released the January 2009 critical patch update. The update addresses 41 vulnerabilities affecting the following software: Oracle Database Oracle Secure Backup Oracle TimesTen In-Memory Database Oracle Application Server Oracle Collaboration Suite Oracle E-Business Suite Release Oracle Enterprise Manager Grid Control PeopleSoft Enterprise HRMS JD Edwards Tools Oracle WebLogic Server (formerly BEA WebLogic Server) Oracle WebLogic Portal (formerly BEA WebLogic Portal)

Affected Products

  • BEA Systems WebLogic Portal 10.0
  • BEA Systems WebLogic Portal 10.0 MP1
  • BEA Systems WebLogic Portal 10.2
  • BEA Systems WebLogic Portal 10.3
  • BEA Systems WebLogic Portal 8.1.0
  • BEA Systems WebLogic Portal 8.1.0 SP1
  • BEA Systems WebLogic Portal 8.1.0 SP2
  • BEA Systems WebLogic Portal 8.1.0 SP3
  • BEA Systems WebLogic Portal 8.1.0 SP4
  • BEA Systems WebLogic Portal 8.1.0 SP5
  • BEA Systems WebLogic Portal 8.1.0 SP6
  • BEA Systems WebLogic Portal 9.2
  • BEA Systems WebLogic Portal 9.2 MP3
  • BEA Systems Weblogic Server 10.0
  • BEA Systems Weblogic Server 10.0 MP1
  • BEA Systems Weblogic Server 10.3
  • BEA Systems Weblogic Server 7.0.0
  • BEA Systems Weblogic Server 7.0.0 .0.1
  • BEA Systems Weblogic Server 7.0.0 .0.1 SP 1
  • BEA Systems Weblogic Server 7.0.0 .0.1 SP 2
  • BEA Systems Weblogic Server 7.0.0 .0.1 SP 3
  • BEA Systems Weblogic Server 7.0.0 .0.1 SP 4
  • BEA Systems Weblogic Server 7.0.0 SP 1
  • BEA Systems Weblogic Server 7.0.0 SP 2
  • BEA Systems Weblogic Server 7.0.0 SP 3
  • BEA Systems Weblogic Server 7.0.0 SP 4
  • BEA Systems Weblogic Server 7.0.0 SP 5
  • BEA Systems Weblogic Server 7.0.0 SP 6
  • BEA Systems Weblogic Server 7.0.0 SP 7
  • BEA Systems Weblogic Server 7.0 SP7
  • BEA Systems Weblogic Server 8.1
  • BEA Systems Weblogic Server 8.1.0
  • BEA Systems Weblogic Server 8.1.0 SP 1
  • BEA Systems Weblogic Server 8.1.0 SP 2
  • BEA Systems Weblogic Server 8.1.0 SP 3
  • BEA Systems Weblogic Server 8.1.0 SP 4
  • BEA Systems Weblogic Server 8.1.0 SP 5
  • BEA Systems Weblogic Server 8.1.0 SP 6
  • BEA Systems Weblogic Server 9.0
  • BEA Systems Weblogic Server 9.1
  • BEA Systems Weblogic Server 9.2
  • BEA Systems Weblogic Server 9.2 Maintenance Pack 3
  • Oracle Collaboration Suite Release 1 10.1.2
  • Oracle E-Business Suite 11i 11.5.10.2
  • Oracle E-Business Suite 12 12.0.6
  • Oracle Enterprise Manager Grid Control 10g 10.2.0.4
  • Oracle Oracle10g Application Server 10.1.2 .2.0
  • Oracle Oracle10g Application Server 10.1.2.3.0
  • Oracle Oracle10g Application Server 10.1.3 .3.0
  • Oracle Oracle10g Enterprise Edition 10.1.0 .5
  • Oracle Oracle10g Enterprise Edition 10.2.0 .2
  • Oracle Oracle10g Enterprise Edition 10.2.0.2 64 bit
  • Oracle Oracle10g Enterprise Edition 10.2.0 .3
  • Oracle Oracle10g Enterprise Edition 10.2.0.4
  • Oracle Oracle10g Personal Edition 10.1.0.5
  • Oracle Oracle10g Personal Edition 10.2.0 .2
  • Oracle Oracle10g Personal Edition 10.2.0 .3
  • Oracle Oracle10g Personal Edition 10.2.0.4
  • Oracle Oracle10g Standard Edition 10.1.0 .5
  • Oracle Oracle10g Standard Edition 10.2.0 .2
  • Oracle Oracle10g Standard Edition 10.2.0 .3
  • Oracle Oracle10g Standard Edition 10.2.0.4
  • Oracle Oracle11g Enterprise Edition 11.1.0 6
  • Oracle Oracle11g Standard Edition 11.1.0 6
  • Oracle Oracle11g Standard Edition One 11.1.0 6
  • Oracle Oracle9i Enterprise Edition 9.2.0.8.0
  • Oracle Oracle9i Enterprise Edition 9.2.0 .8DV
  • Oracle Oracle9i Personal Edition 9.2.0 .8
  • Oracle Oracle9i Personal Edition 9.2.0 .8DV
  • Oracle Oracle9i Standard Edition 9.2.0.8
  • Oracle Oracle9i Standard Edition 9.2.0 .8DV
  • Oracle Secure Backup 10.1.0.1
  • Oracle Secure Backup 10.1.0.2
  • Oracle Secure Backup 10.1.0.3
  • Oracle Secure Backup 10.2.0.2
  • Oracle Secure Backup 10.2.0.3
  • Oracle TimesTen In-Memory Database 7.0.5.1.0
  • Oracle TimesTen In-Memory Database 7.0.5.2.0
  • Oracle TimesTen In-Memory Database 7.0.5.3.0
  • Oracle TimesTen In-Memory Database 7.0.5.4.0

References

  • BugTraq: 33177
  • CVE: CVE-2008-3979
  • URL: http://www.securityfocus.com/archive/1/500061
  • URL: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out