cpe:/a:oracle:database_server:9.2.0.7 cpe:/a:oracle:database_server:10.1.0.5 CVE-2006-1871 2005-11-01T00:00:00.000-05:00 2006-04-20T06:02:00.000-04:00 2017-07-19T21:30:59.130-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-04-21T10:36:00.000-04:00 ALLOWS_OTHER_ACCESS SECTRACK 1015961 BID 17590 SECUNIA 19712 SECUNIA 19859 BUGTRAQ 20060418 SQL Injection in package SYS.DBMS_LOGMNR_SESSION VUPEN ADV-2006-1397 VUPEN ADV-2006-1571 HP HPSBMA02113 HP SSRT061148 CONFIRM http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html MISC http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_logmnr_session.html XF oracle-dbmslogmnrsession-sql-injection(26047) SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.5 allows remote attackers to execute arbitrary SQL commands via the DELETE_FROM_TABLE function in the DBMS_LOGMNR_SESSION (Log Miner) package, aka Vuln# DB06.