CVE-2005-4832
published 2005-12-31CVE-2005-4832: SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
EXPLOIT
SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |
| oracle | oracle10g | — | — |