CVE-2006-0257: Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack…

CVE-2006-0257 [HIGH] GHSA-h9cg-xhj3-mjmj: Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9 Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB02. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the CDC_ALLOCATE_LOCK function of the DBMS_CDC_UTILITY package.

CVE-2006-0323 [CRITICAL] CVE-2006-0323 RealPlayer SWF file buffer overflow CVE-2006-0323 RealPlayer SWF file buffer overflow Playing a maliciously fashioned swf file (flash media) could cause a buffer overrun and crash. Discussion: This issue should also affect RHEL3 --- embargo moved by Real to March 16th --- embargo moved by Real to March 20th --- This issue is public: http://service.real.com/realplayer/security/03162006_player/en/ --- An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0257.html