CVE-2006-5340

Oracle Database Spatial component vulnerabilities (CVE-2006-5340) affect multiple releases (8.1.7.4, 9.0.1.5, 9.2.0.8, 10.1.0.5, 10.2.0.2). The issue is linked to the MDSYS.SDO_LRS package, specifically the convert_to_lrs_layer function, and to a vulnerability elsewhere in the Spatial stack (DB17...

CVE-2006-5342

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3 has unknown impact and remote authenticated attack vectors related to mdsys.sdotune, aka Vuln DB18. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB18...

CVE-2006-5344

Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 have unknown impact and remote authenticated attack vectors related to 1 mdsys.sdo3gl, aka Vuln DB20, and 2 mdsys.sdocs, aka DB21. NOTE: as of 20061023, Oracle has not...

CVE-2006-5339

Unspecified vulnerability in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdogeom, aka Vuln DB11. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties th...

CVE-2006-5345

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdogeom, aka Vuln DB22. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB22 i...

CVE-2006-5345

CVE-2006-5345 is an unspecified vulnerability in the Oracle Spatial component of Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4. The entry notes remote authenticated attack vectors related to mdsys.sdo_geom and cites a possible relation to a length-checking issue in RELATE before MD2.RELATE is ca...

CVE-2006-5333

Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.2.0.2 has unknown impact and remote authenticated attack vectors related to "create session" privileges, aka Vuln DB02. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB02 is for SQ...

CVE-2006-5339

CVE-2006-5339 affects the Oracle Spatial component of Oracle Database (versions 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.4). The vulnerability is linked to the mdsys.sdo_geom path and is related to a suspected length-checking issue before MD2.RELATE is called, as reported by third parties. The described...

CVE-2006-5342

CVE-2006-5342 pertains to an unspecified vulnerability in Oracle Spatial within Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3. The impact is unknown and it involves remote authenticated access vectors tied to mdsys.sdo_tune; there are reports suggesting the issue could be related to SQL injectio...

Sql injection

Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB12. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed a claim by a reliable independent researche...

Design/Logic Flaw

Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.7 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB13...

CVE-2006-1873

Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, and 10.2.0.1 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB08...

CVE-2006-1866

Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and other versions have unknown impact and attack vectors in the 1 Advanced Replication component, as identified by Vuln DB01, and 2 Oracle Spatial component, as identified by Vuln DB10. NOTE:...

CVE-2006-1875

Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB11. NOTE: Oracle has not disputed reliable researcher claims that this issue is SQL injection in MDSYS.SDOLRSTRIGINS...

Sql injection

Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and other versions have unknown impact and attack vectors in the 1 Advanced Replication component, as identified by Vuln DB01, and 2 Oracle Spatial component, as identified by Vuln DB10. NOTE:...

CVE-2006-1877

Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.7 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB13...

Sql injection

Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.6 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB09. NOTE: Oracle has not disputed reliable claims that this issue is SQL injection in MDSYS.PRVTIDX using the 1 EXECUTEINSERT, 2...

Design/Logic Flaw

Unspecified vulnerability in Oracle Database Server 9.2.0.7, 10.1.0.4, and 10.2.0.1 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB08...

CVE-2006-1876

Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB12. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed a claim by a reliable independent researche...

Sql injection

Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln DB11. NOTE: Oracle has not disputed reliable researcher claims that this issue is SQL injection in MDSYS.SDOLRSTRIGINS...