CVE-2006-0269

Currently unrated

Key Information:

Vendor: Oracle
Status: Oracle10g
Vendor: CVE Published:; 18 January 2006

Summary

Unspecified vulnerability in the Streams Capture component of Oracle Database server 10.1.0.5 and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB25. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the SET_DIRECTORY_ROOT function in the DBMS_CDC_PUBLISH package.

References

http://www.osvdb.org/22563

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/24321

vdb-entryx_refsource_XF

http://www.red-database-security.com/advisory/oracle_cpu_...

x_refsource_MISC

Timeline

Vulnerability published
Jan 18, 2006
Vulnerability Reserved
Jan 18, 2006