[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-0435Date: (C)2006-01-26   (M)2023-12-22


Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015544
SECTRACK-1015961
BID-16384
SECUNIA-18621
SECUNIA-19712
SECUNIA-19859
http://www.securityfocus.com/archive/1/423029/100/0/threaded
http://www.securityfocus.com/archive/1/423673/100/0/threaded
http://www.securityfocus.com/archive/1/423822/100/0/threaded
http://www.securityfocus.com/archive/1/423819/100/0/threaded
http://www.securityfocus.com/archive/1/424394/100/0/threaded
OSVDB-22719
SREASON-402
SREASON-403
ADV-2006-0338
ADV-2006-1397
ADV-2006-1571
SSRT061148
VU#169164
http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html
http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html
oracle-plsql-command-execution(24363)

CPE    38
cpe:/a:oracle:application_server:10.1.2.1.0
cpe:/a:oracle:application_server:10.1.0.2
cpe:/a:oracle:application_server:10.1.0.3
cpe:/a:oracle:application_server:9.0.3
...

© SecPod Technologies