SQL Injection Vulnerabilities in Oracle Database 10g Release 1
CVE-2006-0586

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
8 February 2006

Summary

Multiple SQL injection vulnerabilities exist in Oracle Database 10g Release 1 prior to January 2006. These vulnerabilities allow remote attackers to execute arbitrary SQL commands through various parameters in functions of the SYS.KUPV$FT and SYS.KUPV$FT_INT packages. Due to insufficient details from Oracle's advisories, it is uncertain if and how these issues have been resolved, highlighting the importance of vigilance in database security.

References

EPSS Score

30% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.