CVE-2006-1874
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.9%
Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.6 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB09. NOTE: Oracle has not disputed reliable claims that this issue is SQL injection in MDSYS.PRVT_IDX using the (1) EXECUTE_INSERT, (2) EXECUTE_DELETE, (3) EXECUTE_UPDATE, (4) EXECUTE UPDATE, and (5) CRT_DUMMY functions.
References
secunia.com/advisories/19712
secunia.com/advisories/19859
securitytracker.com/id?1015961
www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html
www.red-database-security.com/advisory/oracle_cpu_apr_2006.html
www.securityfocus.com/archive/1/432267/100/0/threaded
www.securityfocus.com/bid/17590
www.vupen.com/english/advisories/2006/1397
www.vupen.com/english/advisories/2006/1571
exchange.xforce.ibmcloud.com/vulnerabilities/26053
Social References
More
Related
7.3 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.007 Low
EPSS
Percentile
80.9%