SQL Injection Vulnerability in Oracle Database Affecting Remote Authenticated Users
CVE-2009-0980

Currently unrated

Key Information:

Vendor: Oracle
Status: Database 10g; Database 11g
Vendor: CVE Published:; 15 April 2009

Summary

An unspecified SQL injection vulnerability exists within the SQLX Functions component of Oracle Database versions 10.2.0.3 and 11.1.0.6. This flaw allows remote authenticated users to manipulate database integrity and disrupt service availability. The risk associated with this vulnerability involves unauthorized access and potential data compromise, emphasizing the need for prompt patching and security measures.

References

http://www.securityfocus.com/bid/34461

vdb-entryx_refsource_BID

http://secunia.com/advisories/34693

third-party-advisoryx_refsource_SECUNIA

http://www.us-cert.gov/cas/techalerts/TA09-105A.html

third-party-advisoryx_refsource_CERT

Timeline

Vulnerability published
Apr 15, 2009
Vulnerability Reserved
Mar 19, 2009