漏洞信息

漏洞名称:Oracle Database Server CVE-2016-3562 Remote Security Vulnerability

漏洞分类: Unknown BugtraqID:93640

远程溢出:Yes         本地溢出:No

发布日期:2016-10-18 12:00:00 更新日期:2016-10-20 01:08:00

漏洞作者: Oracle

受影响的程序版本

Oracle Database 12c Release 1 12.1 2
  Oracle Database 11g Release 2 11.2.0.4

漏洞讨论 

Oracle Database Server is prone to a remote security vulnerability in RDBMS Security and SQL*Plus.
The vulnerability can be exploited over the 'Oracle Net' protocol. For an exploit to succeed, the attacker must have 'DBA level privileged account' privileges.
This vulnerability affects the following supported versions:
11.2.0.4, 12.1.0.2

漏洞利用 

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com

解决方案

Updates are available. Please see the references or vendor advisory for more information.

官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3562

(官方数据源) MITRE

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3562

(官方数据源) NVD

其它链接及资源

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html