7.5

CVE-2006-0435

Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleApplication Server Version1.0.2
OracleApplication Server Version1.0.2.0
OracleApplication Server Version1.0.2.1
OracleApplication Server Version1.0.2.1s
OracleApplication Server Version1.0.2.2
OracleApplication Server Version1.0.2.2.2
OracleApplication Server Version9.0.2
OracleApplication Server Version9.0.2.0.0
OracleApplication Server Version9.0.2.0.1
OracleApplication Server Version9.0.2.1
OracleApplication Server Version9.0.2.2
OracleApplication Server Version9.0.2.3
OracleApplication Server Version9.0.3
OracleApplication Server Version9.0.3.1
OracleApplication Server Version9.0.4.0
OracleApplication Server Version9.0.4.1
OracleApplication Server Version9.0.4.2
OracleApplication Server Version9.2.0.6
OracleApplication Server Version9.2.0.7
OracleApplication Server Version10.1.0.2
OracleApplication Server Version10.1.0.3
OracleApplication Server Version10.1.0.3.1
OracleApplication Server Version10.1.0.4
OracleApplication Server Version10.1.2
OracleApplication Server Version10.1.2.0.2
OracleApplication Server Version10.1.2.1.0
OracleApplication Server Version10.1.2_.0.1
OracleHTTP Server Version1.0.2.0
OracleHTTP Server Version1.0.2.1
OracleHTTP Server Version1.0.2.1s_for_apps
OracleHTTP Server Version1.0.2.2
OracleHTTP Server Version1.0.2.2_roll_up_2
OracleHTTP Server Version8.1.7
OracleHTTP Server Version9.0.1
OracleHTTP Server Version9.0.2
OracleHTTP Server Version9.0.2.3
OracleHTTP Server Version9.0.3.1
OracleHTTP Server Version9.1
OracleHTTP Server Version9.2.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.72% 0.92
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html
http://secunia.com/advisories/18621
http://secunia.com/advisories/19712
Vendor Advisory
http://secunia.com/advisories/19859
Vendor Advisory
http://securityreason.com/securityalert/402
http://securityreason.com/securityalert/403
http://securitytracker.com/id?1015544
http://securitytracker.com/id?1015961
Patch
http://www.kb.cert.org/vuls/id/169164
US Government Resource
http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html
http://www.osvdb.org/22719
http://www.securityfocus.com/archive/1/423029/100/0/threaded
http://www.securityfocus.com/archive/1/423673/100/0/threaded
http://www.securityfocus.com/archive/1/423819/100/0/threaded
http://www.securityfocus.com/archive/1/423822/100/0/threaded
http://www.securityfocus.com/archive/1/424394/100/0/threaded
http://www.securityfocus.com/archive/1/432267/100/0/threaded
http://www.securityfocus.com/bid/16384
http://www.vupen.com/english/advisories/2006/0338
Vendor Advisory
http://www.vupen.com/english/advisories/2006/1397
Vendor Advisory
http://www.vupen.com/english/advisories/2006/1571
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/24363