Check Point Reference: | CPAI-2014-1807 |
Date Published: | 22 Oct 2014 |
Severity: | Critical |
Last Updated: | Wednesday 22 October, 2014 |
Source: | Oracle |
Industry Reference: | CVE-2013-3751 |
Protection Provided by: |
Security Gateway |
Who is Vulnerable? | Oracle Database Server 12.1.0.1 |
Vulnerability Description | A stack buffer overflow vulnerability has been reported in Oracle Database Server. The vulnerability is due to insufficient validation of user supplied input when parsing XML document data in a SQL/XML query. A remote, authenticated attacker could exploit this vulnerability by sending a malicious SQL/XML query to the Oracle Database server. |
SmartView Tracker will log the following entries:
Attack Name: Oracle Protection Violation.
Attack Information: Oracle Database Server Insecure User Input Stack Buffer Overflow