Intrusion Prevention

Oracle.Database.Server.SDO_CS.TRANSFORM_LAYER.Buffer.Overflow

Description

This indicates an attack attempt against a buffer overflow vulnerability in
Oracle Database Server.
The vulnerability is caused by lacking of checking pareameters passed to the stored procedure SDO_CS.TRANSFORM_LAYER. It allows a remote attacker to execute arbitrary code via sending a crafted request from client.

Affected Products

Oracle Database 8.1.7.4,
Oracle Database 9.0.1.5
Oracle Database 9.2.0.7
Oracle Database 10.1.0.4

Impact

System Comprise:Remote attackers can gain control of the vulnerable system.

Recommended Actions

Apply patch,available from the web site.
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html

CVE References

CVE-2006-5344