Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1868

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1868
Last Modified 22 Oct 2012 10:01:54
Published 20 Apr 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1868

Summary

Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln# DB03.

Vulnerable Systems

Application

  • Oracle Database Server 10.1.0.4


References

CERT-VN - VU#797465

CERT - TA06-109A

CONFIRM - http://www.oracle.com/technology/deploy/security/pdf/cpuapr2006.html

SECTRACK - 1015961

XF - oracle-dbmssnapshotutl-bo(26049)

VUPEN - ADV-2006-1571

VUPEN - ADV-2006-1397

BID - 17590

HP - HPSBMA02113

HP - SSRT061148

BUGTRAQ - 20060420 [Argeniss] Oracle Database 10gR1 Buffer overflow in VERIFY_LOG procedure

MISC - http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html

MISC - http://www.argeniss.com/research/ARGENISS-ADV-040603.txt

SECUNIA - 19859

SECUNIA - 19712

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html


Last Updated: 27 May 2016 10:51:47