CVE-2006-0260Oracle Database Server vulnerability

12 documents3 sources
Severity
10.0CRITICALNVD
NVD7.5
EPSS
1.4%
top 19.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Database Server
Timeline
PublishedJan 18
Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB05 in the (a) Data Pump component; (2) DB15 in the (b) Oracle Text component; (3) DB22 in the (c) Streams Apply component; (4) DB23 and (5) DB24 in the (d) Streams Capture component; and (6) DB26 in the (e) Streams Subcomponent. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable indepe

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDoracle/database_server6 versions+5

Patches

Patch: secunia.comPatch: securitytracker.comPatch: secunia.com

🔴Vulnerability Details

8
GHSA
GHSA-f5vr-wx48-496c: SQL injection vulnerability in the Oracle Text component of Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execut2022-05-01
GHSA
GHSA-63c4-h6jq-3fj3: SQL injection vulnerability in the Data Pump Metadata API in Oracle Database 10g and possibly earlier might allow remote attackers to execute arbitrar2022-05-01
GHSA
GHSA-9gg8-74cp-87c9: Multiple unspecified vulnerabilities in Oracle Database server 92022-05-01
GHSA
GHSA-ff55-4qfm-2hmv: SQL injection vulnerability in the SYS2022-05-01
CVEList
CVE-2006-0549: SQL injection vulnerability in the SYS2006-02-04
CVE-2006-0260 — Oracle Database Server vulnerability | cvebase