CVE-2007-5513Oracle Database Server vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
1.3%
top 20.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Database Server
Timeline
PublishedOct 17
Latest updateMay 1

Description

The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries, aka DB23.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDoracle/database_server10.1.0.5, 9.2.0.8, 9.2.0.8dv+2

🔴Vulnerability Details

2
GHSA
GHSA-f23m-xrhr-hq76: The XML DB (XMLDB) component in Oracle Database 92022-05-01
CVEList
CVE-2007-5513: The XML DB (XMLDB) component in Oracle Database 92007-10-17
CVE-2007-5513 — Oracle Database Server vulnerability | cvebase