CVE-2005-1496

Published: May 11, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.red-database-security.com/exploits/oracle_exploit_dbms_scheduler_select_user.html

x_refsource_MISC

20050505 Oracle 10g DBMS_SCHEDULER SESSION_USER issue

mailing-list

x_refsource_BUGTRAQ

13509

vdb-entry

x_refsource_BID

oracle10g-gain-privileges(20410)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-1496

Description

Affected Products

References