CVE-2006-2505

Опубликовано: 22 мая 2006

Источник: nvd

CVSS2: 3.6

EPSS Низкий

Описание

Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via a reference to a malicious package in the TYPE_NAME argument in the (1) GET_DOMAIN_INDEX_TABLES or (2) GET_V2_DOMAIN_INDEX_TABLES function in the DBMS_EXPORT_EXTENSION package.

Ссылки

http://secunia.com/advisories/19860
Exploit
Vendor Advisory
http://www.kb.cert.org/vuls/id/932124
US Government Resource
http://www.securityfocus.com/archive/1/432078/100/0/threaded
http://www.securityfocus.com/archive/1/432354/100/0/threaded
http://www.securityfocus.com/archive/1/432355/100/0/threaded
http://www.securityfocus.com/bid/17699
Exploit
http://secunia.com/advisories/19860
Exploit
Vendor Advisory
http://www.kb.cert.org/vuls/id/932124
US Government Resource
http://www.securityfocus.com/archive/1/432078/100/0/threaded
http://www.securityfocus.com/archive/1/432354/100/0/threaded
http://www.securityfocus.com/archive/1/432355/100/0/threaded
http://www.securityfocus.com/bid/17699
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oracle:database_server:release_2:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.01767

Низкий

3.6 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-475x-r72w-8xq4

github

почти 4 года назад