Lucene search
+L

3 matches found

seebug
seebug
added 2009/11/07 12:0 a.m.43 views

Oracle Advanced Replication组件REPCAT_RPC.VALIDATE_REMOTE_RC()函数权限提升漏洞

BUGTRAQ ID: 35685 CVE ID: CVE-2009-1021 Oracle Database是一款商业性质大型数据库系统。 Oracle数据库Advanced Replication组件中的REPCATRPC.VALIDATEREMOTERC函数执行了可能受控的匿名PL/SQL。该函数取当前登录用户名为第一个参数,第二个参数VALIDATESTRING直接放到了PLSQL的匿名块中并执行: ... ... SQLCURSOR := DBMSSQL.OPENCURSOR; DBMSSQL.PARSESQLCURSOR, 'BEGIN ' || ' :err :=...

5.5CVSS6.4AI score0.01778EPSS
Exploits1
checkpoint_advisories
checkpoint_advisories
added 2009/09/13 12:0 a.m.61 views

Oracle Database Server REPCAT_RPC.VALIDATE_REMOTE_RC SQL Injection (CVE-2009-1021)

Oracle Database Server is an enterprise-level relational database application suite. An SQL injection vulnerability has been reported in Oracle Database server. Remote authenticated attackers having Create Session privileges can exploit this vulnerability to inject and execute malicious SQL...

5.5CVSS7.7AI score0.01778EPSS
Exploits1
cve
cve
added 2009/07/14 11:0 p.m.111 views

CVE-2009-1021

CVE-2009-1021 affects Oracle Database Advanced Replication (REPCAT_RPC.VALIDATE_REMOTE_RC) and can be exploited by remote authenticated users to impact confidentiality and integrity. Affected versions include Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3. The vulnerability arises fro...

5.5CVSS5.4AI score0.01778EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder