Back to search
CVE-2006-1874
Published: Apr 20, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.6 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB09. NOTE: Oracle has not disputed reliable claims that this issue is SQL injection in MDSYS.PRVT_IDX using the (1) EXECUTE_INSERT, (2) EXECUTE_DELETE, (3) EXECUTE_UPDATE, (4) EXECUTE UPDATE, and (5) CRT_DUMMY functions.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
19712
third-party-advisory
x_refsource_SECUNIA
19859
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html
x_refsource_CONFIRM
ADV-2006-1571
vdb-entry
x_refsource_VUPEN
17590
vdb-entry
x_refsource_BID
SSRT061148
vendor-advisory
x_refsource_HP
ADV-2006-1397
vdb-entry
x_refsource_VUPEN
HPSBMA02113
vendor-advisory
x_refsource_HP
oracle-prvtidx-sql-injection(26053)
vdb-entry
x_refsource_XF
1015961
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now