Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1875

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2006-1875
Last Modified 22 Oct 2012 10:01:55
Published 20 Apr 2006 06:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1875

Summary

Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB11. NOTE: Oracle has not disputed reliable researcher claims that this issue is SQL injection in MDSYS.SDO_LRS_TRIG_INS.

Vulnerable Systems

Application

  • Oracle Database Server 10.1.0.5

  • Oracle Database Server 9.0.1.5

  • Oracle Database Server 9.2.0.7


References

BID - 17590

CONFIRM - http://www.oracle.com/technology/deploy/security/pdf/cpuapr2006.html

SECTRACK - 1015961

SECUNIA - 19712

XF - oracle-sdolrstrigins-sql-injection(26055)

VUPEN - ADV-2006-1571

VUPEN - ADV-2006-1397

HP - HPSBMA02113

MISC - http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html

SECUNIA - 19859

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html

HP - SSRT061148


Last Updated: 27 May 2016 11:01:13