Oracle Job Scheduler Named Pipe Command Execution Vulnerability
Data de publicação: 13 julho 2016
Schweregrad: : Alto
Descrição
An arbitrary command execution vulnerability exists in Oracle Job Scheduler. The Job Scheduler is implemented via the component extjob.exe which listens on a named pipe called "orcljsex" and execute arbitrary commands received over this channel via CreateProcess(). In order to connect to the Named Pipe remotely, SMB access is required.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1007699