10

CVE-2006-1875

Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB11.  NOTE: Oracle has not disputed reliable researcher claims that this issue is SQL injection in MDSYS.SDO_LRS_TRIG_INS.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleDatabase Server Version9.0.1.5
OracleDatabase Server Version9.2.0.7
OracleDatabase Server Version10.1.0.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.92% 0.852
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/19712
Patch
Vendor Advisory
http://secunia.com/advisories/19859
Vendor Advisory
http://securitytracker.com/id?1015961
Patch
http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html
http://www.securityfocus.com/archive/1/432267/100/0/threaded
http://www.vupen.com/english/advisories/2006/1397
Vendor Advisory
http://www.vupen.com/english/advisories/2006/1571
Vendor Advisory
http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html
http://www.securityfocus.com/bid/17590
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/26055