Oracle Component Registry dbms_registry Issue

2005-07-12T10:29:54
ID OSVDB:18021
Type osvdb
Reporter OSVDB
Modified 2005-07-12T10:29:54

Description

Vulnerability Description

Oracle Component Registry contains an unspecified flaw that may allow an authenticated malicious user to compromise the integrity and/or confidentiality of a server. No further details have been provided.

Technical Description

An attacker must supply valid authentication credentials for execute on dbms_registry in order to exploit this vulnerability.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch (Critical Patch Update - July 2005) to address this vulnerability.

Short Description

Oracle Component Registry contains an unspecified flaw that may allow an authenticated malicious user to compromise the integrity and/or confidentiality of a server. No further details have been provided.

References:

Vendor Specific Advisory URL Security Tracker: 1014466 Secunia Advisory ID:15991 Secunia Advisory ID:16121 Other Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101782-1 Other Advisory URL: http://www.us-cert.gov/cas/techalerts/TA04-245A.html Keyword: DB03 Generic Informational URL: http://www.eweek.com/article2/0,1895,1836304,00.asp CERT VU: 613562 Bugtraq ID: 14238