cpe:/a:oracle:database_server:9.2.0.7 cpe:/a:oracle:database_server:10.1.0.5 CVE-2007-0274 2007-01-16T21:28:00.000-05:00 2017-07-28T21:30:05.360-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-01-17T13:03:00.000-05:00 SECTRACK 1017522 BUGTRAQ 20070124 Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME BUGTRAQ 20070124 Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL BUGTRAQ 20070125 Re: Oracle Buffer Overflow in DBMS_LOGREP_UTIL.GET_OBJECT_NAME BUGTRAQ 20070125 Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL BUGTRAQ 20070129 Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL BID 22083 SECUNIA 23794 OSVDB 32914 OSVDB 32915 CERT TA07-017A CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html XF oracle-cpu-jan2007(31541) Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 have unknown impact and attack vectors related to (1) Export and sys.dbms_logrep_util (DB08), and (2) Oracle Streams and sys.dbms_capture_adm_internal privileges (DB09). NOTE: Oracle has not disputed reliable researcher claims that DB08 is for a buffer overflow in the GET_OBJECT_NAME procedure in the DBMS_LOGREP_UTIL package, and DB09 is for buffer overflows in the CREATE_CAPTURE, ALTER_CAPTURE, and ABORT_TABLE_INSTANTIATION procedures in SYS.DBMS_CAPTURE_ADM_INTERNAL.