Unspecified Vulnerability in Oracle Database Change Data Capture by Oracle
CVE-2008-1815

Currently unrated

Key Information:

Vendor: Oracle
Status: Database 10g; Database 11g
Vendor: CVE Published:; 16 April 2008

What is CVE-2008-1815?

The vulnerability in the Change Data Capture component of Oracle Database allows for potential exploitation through unknown attack vectors. This issue is related to the DBMS_CDC_UTILITY package, particularly concerning the LOCK_CHANGE_SET function. While the exact impact remains unclear, researchers have indicated that it may facilitate SQL injection attacks. Users of Oracle Database versions 10.1.0.5, 10.2.0.3, and 11.1.0.6 are advised to assess their environments for potential exposure and ensure they are applying suitable security practices.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41998

vdb-entryx_refsource_XF

https://exchange.xforce.ibmcloud.com/vulnerabilities/41858

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2008/1267/references

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 16, 2008
Vulnerability Reserved
Apr 15, 2008