| Release Date | Jun 23, 2009 |
| Severity | Medium |
| Impact | Denial of service |
| Description | This indicates an attack attempt against a denial-of-service vulnerability in Oracle Database Server.
The vulnerability is caused by an error when the TNS Listener component handles a specially crafted TNS data packet. |
| Affected Products | Oracle Oracle9i 9.2.0.8
Oracle Oracle9i 9.2.0.8dv
Oracle Oracle10g 10.1.0.5
Oracle Oracle10g 10.2.0.4
Oracle Oracle11g 11.1.0.7 |
| Recommended Actions | Apply the patch released by the vendor:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-0991
|
| Reference/s | http://www.securityfocus.com/bid/34461 (BugTraq)
|