8.1 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.975 High
EPSS
Percentile
100.0%
SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain.
CPE | Name | Operator | Version |
---|---|---|---|
oracle:database_server | oracle database server | eq | * |
marc.info/?l=bugtraq&m=119332677525918&w=2
osvdb.org/40079
secunia.com/advisories/27251
secunia.com/advisories/27409
securityreason.com/securityalert/3245
www.securityfocus.com/archive/1/482429/100/0/threaded
www.securityfocus.com/bid/26098
www.securitytracker.com/id?1018823
www.vupen.com/english/advisories/2007/3524
www.vupen.com/english/advisories/2007/3626
www.exploit-db.com/exploits/4570
www.exploit-db.com/exploits/4571
www.exploit-db.com/exploits/4572