CVE-2006-0272

7 documents4 sources
Severity
9.0CRITICAL
EPSS
28.1%
top 3.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Oracle10gOracle Oracle9i
Timeline
PublishedJan 18
Latest updateMay 1

Description

Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages2 packages

NVDoracle/oracle9istandard_9.2.0.7
NVDoracle/oracle10genterprise_10.1.0.4, personal_10.1.0.4, standard_10.1.0.4+2

🔴Vulnerability Details

2
GHSA
GHSA-99g8-9mm6-4xp8: Unspecified vulnerability in the XML Database component of Oracle Database server 92022-05-01
CVEList
CVE-2006-0272: Unspecified vulnerability in the XML Database component of Oracle Database server 92006-01-18

💬Community

4
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows2008-01-28
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows2006-02-07
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows2005-12-02
Bugzilla
CVE-2005-3964 openmotif libUil buffer overflows2005-12-02
CVE-2006-0272 (CRITICAL CVSS 9) | Unspecified vulnerability in the XM | cvebase.io