CVE-2007-0273Cross-site Scripting in Oracle Database Server

3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.6%
top 30.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Database Server
Timeline
PublishedJan 17
Latest updateMay 1

Description

Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting (XSS) vulnerabilities.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDoracle/database_server4 versions+3

Patches

Patch: secunia.comPatch: www.us-cert.govPatch: secunia.com

🔴Vulnerability Details

2
GHSA
GHSA-pww3-rf4f-cjmg: Unspecified vulnerability in Oracle Database 92022-05-01
CVEList
CVE-2007-0273: Unspecified vulnerability in Oracle Database 92007-01-17
CVE-2007-0273 — Cross-site Scripting in Oracle | cvebase