Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5511

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2007-5511
Last Modified 07 Mar 2011 10:00:49
Published 17 Oct 2007 07:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2007-5511

Summary

SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain.

Vulnerable Systems

Application

  • Oracle Database Server


References

BUGTRAQ - 20071017 SQL Injection Flaw in Oracle Workspace Manager

VUPEN - ADV-2007-3626

VUPEN - ADV-2007-3524

SECTRACK - 1018823

SECUNIA - 27251

OSVDB - 40079

HP - SSRT061201

BID - 26098

MILW0RM - 4572

MILW0RM - 4571

MILW0RM - 4570

SREASON - 3245

SECUNIA - 27409

HP - HPSBMA02133


Last Updated: 27 May 2016 10:47:27