QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-0259

Back to search

CVE-2006-0259

Published: Jan 18, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB16 in the (c) Oracle Text component. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that DB06 is SQL injection in the GENERATE_JOB_NAME, GET_WORKERSTATUSLIST1010, GET_PARAMVALUES1010, GET_DUMPFILESET1010, GET_JOBSTATUS1010, ATTACH, and ESTABLISH_REMOTE_CONTEXT functions in DBMS_DATAPUMP.

VendorProductVersions

n/a

n/a

affected
n/a

References

oracle-january2006-update(24321)
vdb-entry
x_refsource_XF
18493
third-party-advisory
x_refsource_SECUNIA
ADV-2006-0323
vdb-entry
x_refsource_VUPEN
16287
vdb-entry
x_refsource_BID
VU#545804
third-party-advisory
x_refsource_CERT-VN
1015499
vdb-entry
x_refsource_SECTRACK
ADV-2006-0243
vdb-entry
x_refsource_VUPEN
22544
vdb-entry
x_refsource_OSVDB
18608
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now