6.5

CVE-2007-0268

Exploit

EPSS 6.62%
Veröffentlicht 17.01.2007 02:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) the Advanced Queuing component and sys.dbms_aqsys.dbms_aq privileges (DB01), (2) Advanced Replication and sys.dbms_repcat_untrusted (DB07), and (3) Oracle Text and ctxload (DB15).  NOTE: Oracle has not publicly claims by reliable researchers that DB01 is for SQL injection in the SYS.DBMS_AQ_INV package, and DB07 is for a buffer overflow in the UNREGISTER_SNAPSHOT procedure in the DBMS_REPCAT_UNTRUSTED package.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 16

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oracle ≫ Database Server Version9.0.1.5

Oracle ≫ Database Server Version9.2.0.7

Oracle ≫ Database Server Version10.1.0.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	6.62%	0.908

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

http://secunia.com/advisories/23794

Patch

Vendor Advisory

http://securitytracker.com/id?1017522

http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html

http://www.securityfocus.com/bid/22083

Patch

Exploit

http://osvdb.org/32907

http://osvdb.org/32913

http://osvdb.org/32921

http://www.kb.cert.org/vuls/id/221788

Patch

US Government Resource

http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html

http://www.securityfocus.com/archive/1/458005/100/0/threaded

http://www.securityfocus.com/archive/1/458475/100/100/threaded

http://www.us-cert.gov/cas/techalerts/TA07-017A.html

Patch

US Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/31541

https://nvd.nist.gov/vuln/detail/CVE-2007-0268

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0268

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0268

EUVD