| Ãë¾àÁ¡ID |
22047 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
WWW |
| »ó¼¼¼³¸í |
ÇØ´ç Oracle 9iAS¿¡ ÀÖ´Â PL/SQL ¸ðµâÀº Cross Site Scripting Ãë¾àÁ¡À» °¡Áö°í ÀÖ´Ù. ÀÌ Ãë¾àÁ¡À» ÀÌ¿ëÇÏ¿© °ø°ÝÀÚ´Â ¾ÇÀÇÀûÀ¸·Î ¸¸µé¾îÁø ½ºÅ©¸³Æ® Äڵ带 Æ÷ÇÔÇÏ´Â ½ºÅ©¸³Æ®·ÎÀÇ ¸µÅ©¸¦ ¸¸µé¾î ³õÀ» ¼ö ÀÖ´Ù. ±× ¸µÅ©°¡ À¥ »ç¿ëÀÚ¿¡ ÀÇÇØ Å¬¸¯µÉ ¶§ ¾ÇÀÇÀûÀ¸·Î ¸¸µé¾î ³õÀº ±× ½ºÅ©¸³Æ® Äڵ尡 Ãë¾àÇÑ »çÀÌÆ®ÀÇ ¹®¸Æ¿¡¼ Ŭ¶óÀ̾ðÆ®¿¡ ÀÇÇØ ½ÇÇàµÉ °ÍÀÌ´Ù.
ÀÌ ¹®Á¦Á¡Àº °ø°ÝÀÚ°¡ cookie ±â¹ÝÀÇ ÀÎÁõ ½Å¿ëÁ¤º¸¸¦ ÈÉÃij¾ ¼ö ÀÖ¾î °ø°ÝÀڵ鿡°Ô ¾î¶² http ¼¼¼ÇÀ» °¡·Îä°Ô ÇÏ¿© ÇÕ¹ýÀûÀÎ »ç¿ëÀڷμ Çà»çÇÒ ¼ö ÀÖµµ·Ï µµ¿ëµÉ ¼öµµ ÀÖ´Ù.
* Âü°í »çÀÌÆ®:
http://www.cert.org/advisories/CA-2000-02.html
http://www.kb.cert.org/vuls/id/798611 |
| ÇØ°áÃ¥ |
Vender¿Í »óÀÇÇÏ¿© 2209455 ÆÐÄ¡¸¦ ¼³Ä¡ÇØ¾ß ÇÑ´Ù. |
| °ü·Ã URL |
(CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
