2 matches found
Oracle Database DBMS_JVM_EXP_PERMS System Command Execution (CVE-2010-0866; CVE-2010-0867)
Oracle Database server is an enterprise-level relational database application suite. A privilege escalation vulnerability exists in Oracle Database server that can allow users with limited privileges to execute arbitrary operating system commands on a target server. The vulnerability is due to an...
CVE-2010-0867
CVE-2010-0867 targets Oracle Database JavaVM; connected advisories disclose a privilege escalation/command execution flaw in the DBMS_JAVA/DBMS_JVM_EXP_PERMS paths. Remote authenticated users with CREATE_SESSION can exploit the weakness to execute arbitrary OS commands, potentially with elevated ...