10

CVE-2006-0257

Exploit

EPSS 1.24%
Veröffentlicht 18.01.2006 11:03:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB02.  NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the CDC_ALLOCATE_LOCK function of the DBMS_CDC_UTILITY package.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oracle ≫ Database Server Version9.2.0.7

Oracle ≫ Database Server Version10.1.0.5

Oracle ≫ Database Server Version10.2.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.24%	0.774

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/18493

Vendor Advisory

http://secunia.com/advisories/18608

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html

http://www.vupen.com/english/advisories/2006/0323

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/24321

http://securitytracker.com/id?1015499

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/545804

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/16287

Exploit

http://www.vupen.com/english/advisories/2006/0243

Vendor Advisory

http://www.osvdb.org/22540

https://nvd.nist.gov/vuln/detail/CVE-2006-0257

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0257

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0257

EUVD