4.3

CVE-2007-0273

Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06.  NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting (XSS) vulnerabilities.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleDatabase Server Version9.0.1.5
OracleDatabase Server Version9.2.0.8
OracleDatabase Server Version10.1.0.5
OracleDatabase Server Version10.2.0.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.32% 0.672
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/23794
Patch
Vendor Advisory
http://securitytracker.com/id?1017522
http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html
http://www.securityfocus.com/bid/22083
http://www.us-cert.gov/cas/techalerts/TA07-017A.html
Patch
US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/31541
http://osvdb.org/32912
http://www.red-database-security.com/advisory/oracle_xmldb_css2.html