Vulnerability Name: | CVE-2007-0268 (CCN-31541) | ||||||||
Assigned: | 2007-01-16 | ||||||||
Published: | 2007-01-16 | ||||||||
Updated: | 2018-10-16 | ||||||||
Summary: | Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) the Advanced Queuing component and sys.dbms_aqsys.dbms_aq privileges (DB01), (2) Advanced Replication and sys.dbms_repcat_untrusted (DB07), and (3) Oracle Text and ctxload (DB15). Note: Oracle has not publicly claims by reliable researchers that DB01 is for SQL injection in the SYS.DBMS_AQ_INV package, and DB07 is for a buffer overflow in the UNREGISTER_SNAPSHOT procedure in the DBMS_REPCAT_UNTRUSTED package. | ||||||||
CVSS v3 Severity: | 5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P) 5.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:OF/RC:C)
5.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-noinfo | ||||||||
Vulnerability Consequences: | Informational | ||||||||
References: | Source: MITRE Type: CNA CVE-2007-0268 Source: MITRE Type: CNA CVE-2007-0269 Source: MITRE Type: CNA CVE-2007-0270 Source: MITRE Type: CNA CVE-2007-0271 Source: MITRE Type: CNA CVE-2007-0272 Source: MITRE Type: CNA CVE-2007-0273 Source: MITRE Type: CNA CVE-2007-0274 Source: MITRE Type: CNA CVE-2007-0275 Source: MITRE Type: CNA CVE-2007-0276 Source: MITRE Type: CNA CVE-2007-0277 Source: MITRE Type: CNA CVE-2007-0278 Source: MITRE Type: CNA CVE-2007-0279 Source: MITRE Type: CNA CVE-2007-0280 Source: MITRE Type: CNA CVE-2007-0281 Source: MITRE Type: CNA CVE-2007-0282 Source: MITRE Type: CNA CVE-2007-0283 Source: MITRE Type: CNA CVE-2007-0284 Source: MITRE Type: CNA CVE-2007-0285 Source: MITRE Type: CNA CVE-2007-0286 Source: MITRE Type: CNA CVE-2007-0287 Source: MITRE Type: CNA CVE-2007-0288 Source: MITRE Type: CNA CVE-2007-0289 Source: MITRE Type: CNA CVE-2007-0290 Source: MITRE Type: CNA CVE-2007-0291 Source: MITRE Type: CNA CVE-2007-0292 Source: MITRE Type: CNA CVE-2007-0293 Source: MITRE Type: CNA CVE-2007-0294 Source: MITRE Type: CNA CVE-2007-0295 Source: MITRE Type: CNA CVE-2007-0296 Source: MITRE Type: CNA CVE-2007-0297 Source: OSVDB Type: UNKNOWN 32907 Source: OSVDB Type: UNKNOWN 32913 Source: OSVDB Type: UNKNOWN 32921 Source: CCN Type: SA23794 Oracle Products Multiple Vulnerabilities Source: SECUNIA Type: Patch, Vendor Advisory 23794 Source: CCN Type: SECTRACK ID: 1017522 Oracle Database and Other Products Have 52 Unspecified Vulnerabilities With Unspecified Impact Source: SECTRACK Type: UNKNOWN 1017522 Source: CCN Type: US-CERT VU#221788 Oracle SYS.DBMS_AQ package vulnerable to PL/SQL injection Source: CERT-VN Type: Patch, US Government Resource VU#221788 Source: CCN Type: Oracle Critical Patch Update - January 2007 Oracle Critical Patch Update Advisory - January 2007 Source: CONFIRM Type: UNKNOWN http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html Source: CCN Type: OSVDB ID: 32872 Oracle PeopleSoft PeopleTools PIA Component HTTP Unspecified Remote DoS Source: CCN Type: OSVDB ID: 32873 Oracle PeopleSoft PeopleTools PIA Component HTTP Unspecified Information Disclosure Source: CCN Type: OSVDB ID: 32874 Oracle PeopleSoft PeopleTools HTTP Unspecified Authenticated XSS Source: CCN Type: OSVDB ID: 32880 Oracle Enterprise Manager Cloning & Data Guard Management Unspecified Information Disclosure Source: CCN Type: OSVDB ID: 32881 Oracle HTTP Server SSL Module Unspecified Remote Issue (OHS01) Source: CCN Type: OSVDB ID: 32882 Oracle HTTP Server SSL Module Unspecified Remote Issue (OHS02) Source: CCN Type: OSVDB ID: 32883 Oracle HTTP Server Unspecified Issue (OHS03) Source: CCN Type: OSVDB ID: 32884 Oracle HTTP Server Unspecified Issue (OHS04) Source: CCN Type: OSVDB ID: 32885 Oracle HTTP Server SSL Module Unspecified Remote DoS (OHS05) Source: CCN Type: OSVDB ID: 32886 Oracle HTTP Server SSL Module Unspecified Remote DoS (OHS06) Source: CCN Type: OSVDB ID: 32887 Oracle HTTP Server Unspecified Information Disclosure Source: CCN Type: OSVDB ID: 32888 Oracle E-Business Suite Application Object Library HTTP Authenticated Unspecified Issue Source: CCN Type: OSVDB ID: 32889 Oracle E-Business Suite Exchange HTTP Negotiations User Unspecified Information Disclosure Source: CCN Type: OSVDB ID: 32890 Oracle E-Business Suite Human Resources Administrator Unspecified Information Disclosure Source: CCN Type: OSVDB ID: 32891 Oracle E-Business Suite Payables User Account Unspecified Information Disclosure Source: CCN Type: OSVDB ID: 32892 Oracle E-Business Suite Trading Community Architecture Administrator Unspecified Information Disclosure Source: CCN Type: OSVDB ID: 32893 Oracle E-Business Suite Web Applications Desktop Integrator Unspecified Issue Source: CCN Type: OSVDB ID: 32894 Oracle Multiple Products Reports Developer HTTP Unspecified Issue Source: CCN Type: OSVDB ID: 32895 Oracle Multiple Products Containers for J2EE HTTP Unspecified Issue (OC4J01) Source: CCN Type: OSVDB ID: 32896 Oracle Multiple Products Containers for J2EE HTTP Unspecified Issue (OC4J02) Source: CCN Type: OSVDB ID: 32897 Oracle Multiple Products Containers for J2EE HTTP Unspecified Information Disclosure (OC4J03) Source: CCN Type: OSVDB ID: 32898 Oracle Multiple Products Containers for J2EE HTTP Unspecified Issue (OC4J04) Source: CCN Type: OSVDB ID: 32899 Oracle Collaboration Suite Containers for J2EE HTTP Unspecified Information Disclosure (OC4J05) Source: CCN Type: OSVDB ID: 32900 Oracle Collaboration Suite Containers for J2EE HTTP Unspecified Issue (OC4J06) Source: CCN Type: OSVDB ID: 32901 Oracle Multiple Products Containers for J2EE Unauthenticated Unspecified Information Disclosure Source: CCN Type: OSVDB ID: 32902 Oracle Multiple Products Containers for J2EE jazn.jar Local Information Disclosure Source: CCN Type: OSVDB ID: 32903 Oracle Application Server Internet Directory LDAP Unspecified Information Disclosure Source: CCN Type: OSVDB ID: 32904 Oracle Multiple Products Process Mgmt & Notification ONS OPMN Daemon Remote Format String (OPMN02) Source: CCN Type: OSVDB ID: 32906 Oracle Multiple Products Workflow Cartridge rwcgi60 genuser Parameter XSS Source: CCN Type: OSVDB ID: 32908 Oracle Database Change Data Capture sys.dbms_cdc_subscribe Unspecified Issue Source: CCN Type: OSVDB ID: 32916 Oracle Database Advanced Security Option oklist / okdstry Unspecified Local Issue Source: CCN Type: OSVDB ID: 32917 Oracle Database Export expdp / impdp Unspecified Local Issue Source: CCN Type: OSVDB ID: 32918 Oracle Database NLS Runtime lmsgen Unspecified Local Issue Source: CCN Type: OSVDB ID: 32919 Oracle Database Net Services tnslsnr Unspecified Local Issue Source: CCN Type: OSVDB ID: 32920 Oracle Database Text ctxkbtc Unspecified Local Issue Source: CCN Type: OSVDB ID: 32922 Oracle Database Recovery Manager oklist Unspecified Local Issue Source: CCN Type: Red-Database-Security Web site Details Oracle Critical Patch Update January 2007 Source: MISC Type: UNKNOWN http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html Source: BUGTRAQ Type: UNKNOWN 20070124 Oracle Buffer Overflow in DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT Source: BUGTRAQ Type: UNKNOWN 20070129 Re: Re: Oracle Buffer Overflows in DBMS_CAPTURE_ADM_INTERNAL Source: CCN Type: BID-22008 Retired: Oracle January 2007 Advance Notification Multiple Vulnerabilities Source: BID Type: Exploit, Patch 22083 Source: CCN Type: US-CERT Technical Cyber Security Alert TA07-017A Oracle Releases Patches for Multiple Vulnerabilities Source: CERT Type: Patch, US Government Resource TA07-017A Source: XF Type: UNKNOWN oracle-cpu-jan2007(31541) Source: XF Type: UNKNOWN oracle-cpu-jan2007(31541) Source: CCN Type: IBM Internet Security Systems X-Force Database Oracle Application Server EmChartBean directory traversal | ||||||||
Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
Vulnerability Name: | CVE-2007-0268 (CCN-31575) | ||||||||
Assigned: | 2007-01-16 | ||||||||
Published: | 2007-01-16 | ||||||||
Updated: | 2007-01-16 | ||||||||
Summary: | Oracle Database is vulnerable to SQL injection. A remote attacker with execute privileges on the SYS.DBMS_AQ package could send specially-crafted SQL statements to the Advanced Queuing component, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||||||||
CVSS v3 Severity: | 5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P) 5.7 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:OF/RC:C)
5.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:OF/RC:C)
| ||||||||
Vulnerability Consequences: | Data Manipulation | ||||||||
References: | Source: MITRE Type: CNA CVE-2007-0268 Source: CCN Type: SA23794 Oracle Products Multiple Vulnerabilities Source: CCN Type: SECTRACK ID: 1017522 Oracle Database and Other Products Have 52 Unspecified Vulnerabilities With Unspecified Impact Source: CCN Type: US-CERT VU#221788 Oracle SYS.DBMS_AQ package vulnerable to PL/SQL injection Source: CCN Type: Oracle Critical Patch Update - January 2007 Oracle Critical Patch Update Advisory - January 2007 Source: CCN Type: OSVDB ID: 32907 Oracle Database Advanced Queuing SYS.DBMS_AQ_INV SQL Injection Source: CCN Type: OSVDB ID: 32913 Oracle Database Advanced Replication SYS.DBMS_REPCAT_UNTRUSTED Arbitrary Code Execution Source: CCN Type: OSVDB ID: 32921 Oracle Database Text ctxload Unspecified Local Issue Source: CCN Type: Red-Database-Security Web site Details Oracle Critical Patch Update January 2007 Source: CCN Type: Red-Database-Security Advisory 16 January 2007 SQL Injection in package SYS.DBMS_AQ_INV Source: CCN Type: BID-22083 Oracle January 2007 Security Update Multiple Vulnerabilities Source: CCN Type: US-CERT Technical Cyber Security Alert TA07-017A Oracle Releases Patches for Multiple Vulnerabilities Source: XF Type: UNKNOWN oracle-dbmsaq-sql-injection(31575) | ||||||||
Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||||
Vulnerability Name: | CVE-2007-0268 (CCN-32374) | ||||||||
Assigned: | 2007-01-24 | ||||||||
Published: | 2007-01-24 | ||||||||
Updated: | 2007-01-24 | ||||||||
Summary: | Oracle Database Server is vulnerable to a buffer overflow, caused by improper bounds checking by the UNREGISTER_SNAPSHOT procedure which is part of the DBMS_REPCAT_UNTRUSTED package. A remote or local attacker with execute privileges on the SYS.DBMS_REPCAT_UNTRUSTED package could exploit this vulnerability to execute arbitrary code with elevated privileges or cause the database server to crash. | ||||||||
CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)
| ||||||||
CVSS v2 Severity: | 6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P) 4.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)
6.7 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||
References: | Source: CCN Type: Full-Disclosure Mailing List, Wed Jan 24 2007 - 17:39:19 CST Oracle Buffer Overflow in DBMS_REPCAT_UNTRUSTED.UNREGISTER_SNAPSHOT Source: MITRE Type: CNA CVE-2007-0268 Source: CCN Type: SA23794 Oracle Products Multiple Vulnerabilities Source: CCN Type: SECTRACK ID: 1017522 Oracle Database and Other Products Have 52 Unspecified Vulnerabilities With Unspecified Impact Source: CCN Type: US-CERT VU#221788 Oracle SYS.DBMS_AQ package vulnerable to PL/SQL injection Source: CCN Type: Oracle Critical Patch Update - January 2007 Oracle Critical Patch Update Advisory - January 2007 Source: CCN Type: OSVDB ID: 32907 Oracle Database Advanced Queuing SYS.DBMS_AQ_INV SQL Injection Source: CCN Type: OSVDB ID: 32913 Oracle Database Advanced Replication SYS.DBMS_REPCAT_UNTRUSTED Arbitrary Code Execution Source: CCN Type: OSVDB ID: 32921 Oracle Database Text ctxload Unspecified Local Issue Source: CCN Type: Red-Database-Security Web site Details Oracle Critical Patch Update January 2007 Source: CCN Type: BID-22083 Oracle January 2007 Security Update Multiple Vulnerabilities Source: CCN Type: US-CERT Technical Cyber Security Alert TA07-017A Oracle Releases Patches for Multiple Vulnerabilities Source: XF Type: UNKNOWN oracle-dbmsrepcat-unregister-bo(32374) | ||||||||
Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |