漏洞标题
N/A
漏洞描述信息
"Oracle数据库10g及其可能早期的版本中,Oracle文本组件的SQL注入漏洞可能导致远程攻击者通过未知路径执行任意SQL命令。注意:由于Oracle建议中缺少相关细节,因此正在创建一个单独的CVE,因为无法肯定地证明Oracle已经解决了这个问题。有可能这是与2006年1月CPU中的Oracle漏洞#DB15相同的问题,如果是这样的话,则将合并到CVE-2006-0260中。"
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
SQL injection vulnerability in the Oracle Text component of Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DB15 from the January 2006 CPU, in which case this would be subsumed by CVE-2006-0260.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Oracle Database Oracle Text组件SQL注入漏洞
漏洞描述信息
Oracle Database 10g,而且可能包括之前版本的Oracle Text组件中存在SQL注入漏洞。远程攻击者可以借助未知向量执行任意SQL命令。
CVSS信息
N/A
漏洞类别
SQL注入