Data Manipulation Vulnerability in Oracle Database by Local Users
CVE-2006-1705

Currently unrated

Key Information:

Vendor
Oracle
Status
Oracle10g
Oracle9i
Vendor
CVE Published:
11 April 2006

Summary

This vulnerability in Oracle Database allows local users with 'SELECT' privileges on a base table to manipulate data significantly. By creating specially crafted views, these users can insert, update, or delete data indirectly. This exploitation poses a risk to data integrity, as it enables unauthorized access and modification actions through legitimate user permissions.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2006-A...
mailing-listx_refsource_FULLDISC
http://www.kb.cert.org/vuls/id/805737
third-party-advisoryx_refsource_CERT-VN
http://www.red-database-security.com/advisory/oracle_modi...
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.