SQL Injection Vulnerability in Oracle Database 10g Streams Capture Component
CVE-2006-0269

Currently unrated

Key Information:

Vendor
Oracle
Status
Vendor
CVE Published:
18 January 2006

Summary

The Streams Capture component of Oracle Database versions 10.1.0.5 and 10.2.0.1 has been identified to possess an unspecified vulnerability that may facilitate SQL injection attacks. Independent researchers have reported that this flaw lies within the SET_DIRECTORY_ROOT function of the DBMS_CDC_PUBLISH package, potentially allowing unauthorized access or modification of database interactions. Users are advised to promptly evaluate their deployment to mitigate risks associated with this issue.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.