Lucene search

[email protected]CVE-2006-1705

HistoryApr 11, 2006 - 10:02 a.m.

CVE-2006-1705

2006-04-1110:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

oracle

database

cve-2006-1705

security

data manipulation

6.2 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.737 High

EPSS

Percentile

98.1%

JSON

Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with “SELECT” privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view.

CPENameOperatorVersion
oracle:oracle10goracle oracle10geqstandard_10.2.0.1
oracle:oracle10goracle oracle10geqpersonal_10.1.0.3
oracle:oracle10goracle oracle10geqstandard_10.1.0.3.1
oracle:oracle9ioracle oracle9ieqenterprise_9.2.0.5
oracle:oracle9ioracle oracle9ieqpersonal_9.2.0.1
oracle:oracle9ioracle oracle9ieqpersonal_9.2.0.2
oracle:oracle9ioracle oracle9ieqpersonal_9.2.0.5
oracle:oracle10goracle oracle10geqenterprise_10.1.0.4
oracle:oracle9ioracle oracle9ieqstandard_9.2.0.3
oracle:oracle10goracle oracle10geqenterprise_10.1.0.3

CPE	Name	Operator	Version
oracle:oracle10g	oracle oracle10g	eq	standard_10.2.0.1
oracle:oracle10g	oracle oracle10g	eq	personal_10.1.0.3
oracle:oracle10g	oracle oracle10g	eq	standard_10.1.0.3.1
oracle:oracle9i	oracle oracle9i	eq	enterprise_9.2.0.5
oracle:oracle9i	oracle oracle9i	eq	personal_9.2.0.1
oracle:oracle9i	oracle oracle9i	eq	personal_9.2.0.2
oracle:oracle9i	oracle oracle9i	eq	personal_9.2.0.5
oracle:oracle10g	oracle oracle10g	eq	enterprise_10.1.0.4
oracle:oracle9i	oracle oracle9i	eq	standard_9.2.0.3
oracle:oracle10g	oracle oracle10g	eq	enterprise_10.1.0.3

Rows per page:

1-10 of 381

References

lists.grok.org.uk/pipermail/full-disclosure/2006-April/044990.html

secunia.com/advisories/19574

securitytracker.com/id?1015886

www.kb.cert.org/vuls/id/805737

www.red-database-security.com/advisory/oracle_modify_data_via_views.html

www.securityfocus.com/archive/1/430434/100/0/threaded

www.securityfocus.com/bid/17426

www.vupen.com/english/advisories/2006/1297

exchange.xforce.ibmcloud.com/vulnerabilities/25696

6.2 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.737 High

EPSS

Percentile

98.1%

JSON

Related for CVE-2006-1705

prion1 cvelist1 checkpoint_advisories1 nessus1