10

CVE-2006-3702

Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB06 in Export; (2) DB08, (3) DB09, (4) DB10, (5) DB11, (6) DB12, (7) DB13, (8) DB14, and (9) DBC01 for OCI; (10) DB16 for Query Rewrite/Summary Mgmt; (11) DB17, (12) DB18, (13) DB19, (14) DBC02, (15) DBC03, and (16) DBC04 for RPC; and (17) DB20 for Semantic Analysis.  NOTE: as of 20060719, Oracle has not disputed third party claims that DB06 is related to "SQL injection" using DBMS_EXPORT_EXTENSION with a modified ODCIIndexGetMetadata routine and a call to GET_DOMAIN_INDEX_METADATA, in which case DB06 might be CVE-2006-2081.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleDatabase Server Version8.1.7.4
OracleDatabase Server Version9.2.0.7
OracleDatabase Server Version10.1.0.5
OracleDatabase Server Version10.2.0.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.23% 0.897
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.kb.cert.org/vuls/id/932124
US Government Resource
http://www.red-database-security.com/exploits/oracle-sql-injection-oracle-dbms_export_extension.html
http://secunia.com/advisories/21111
Vendor Advisory
http://secunia.com/advisories/21165
Vendor Advisory
http://securitytracker.com/id?1016529
http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html
http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/440758/100/100/threaded
http://www.securityfocus.com/bid/19054
Patch
http://www.us-cert.gov/cas/techalerts/TA06-200A.html
US Government Resource
http://www.vupen.com/english/advisories/2006/2863
Vendor Advisory
http://www.vupen.com/english/advisories/2006/2947
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27897