Privilege Escalation Vulnerability in Oracle 10g DBMS_Scheduler
CVE-2005-1496

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
11 May 2005

Summary

The DBMS_Scheduler component in Oracle 10g contains a security flaw that allows remote attackers, who possess CREATE JOB privileges, to change their session user to the SYS user. This unauthorized privilege escalation can enable attackers to perform actions beyond their intended access level, posing a significant risk to database integrity and security. Proper configuration and access controls are essential to mitigate this risk.

References

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.