Rule:

--
Sid:
16374

--
Summary:
This event is generated when an attempt is made to exploit a known vulnerability in Oracle database systems.

--
Impact:
Serious. SQL injection and code execution is possible.

--
Detailed Information:
Certain Oracle functions and stored procedures may allow an attacker to execute code of their choosing on an affected host.

This event is generated when an attempt is made to exploit a heap corruption vulnerability in Oracle Internet Directory server.

--
Affected Systems:
All Oracle Internet Directory installations, check vendor advisories for all products and solutions.

--
Attack Scenarios:

--
Ease of Attack:
Simple.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Apply the appropriate vendor supplied patches.

--
Contributors:
Sourcefire Vulnerability Research Team
Nigel Houghton <nigel.houghton@sourcefire.com>

--
Additional References:

--
