Oracle Zero Day Security Vulnerability
- Article Type: General
- Product: Aleph
- Product Version: 20
Description:
Related Info:
http://www.h-online.com/security/news/item/Vulnerability-in-Oracle-11gR2-allows-system-privileges-for-all-Update-923143.html
http://www.darkreading.com/database_security/security/app-security/showArticle.jhtml?articleID=222700742
Question: Will the suggested workaround adversely affect Aleph?
Oracle's current workaround is to remove execute from public for the following sys packages:
DBMS_JAVA
DBMS_JAVA_TEST
DBMS_JVM_EXP_PERMS
Resolution:
Written 14 Feb. 2010:
Aleph is still using Oracle 11gv1, while this warning applies to 11gv2.
Therefore no need to do anything.
Additional Information
Oracle Zero Day Security Vulnerability
- Article last edited: 10/8/2013