exploitDog

CVE-2007-3853

Опубликовано: 18 июл. 2007

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via (1) DBMS_JAVA_TEST in the JavaVM component (DB01), (2) Oracle Text component (DB09), and (3) MDSYS.SDO_GEOR_INT in the Spatial component (DB15). NOTE: a reliable researcher claims that DB01 is SQL injection in DBMS_PRVTAQIS.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03273

Низкий

6.5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jp28-qfhx-jc9h

github

почти 4 года назад

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via (1) DBMS_JAVA_TEST in the JavaVM component (DB01), (2) Oracle Text component (DB09), and (3) MDSYS.SDO_GEOR_INT in the Spatial component (DB15). NOTE: a reliable researcher claims that DB01 is SQL injection in DBMS_PRVTAQIS.

EPSS

Процентиль: 87%

0.03273

Низкий

6.5 Medium

CVSS2

Дефекты

NVD-CWE-Other