Back to search
CVE-2008-1815
Published: Apr 16, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to DBMS_CDC_UTILITY, aka DB02. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB02 is for SQL injection in LOCK_CHANGE_SET.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oracle-database-dbmscdcutility-unspecified(41998)
vdb-entry
x_refsource_XF
oracle-cpu-april-2008(41858)
vdb-entry
x_refsource_XF
ADV-2008-1267
vdb-entry
x_refsource_VUPEN
ADV-2008-1233
vdb-entry
x_refsource_VUPEN
1019855
vdb-entry
x_refsource_SECTRACK
29829
third-party-advisory
x_refsource_SECUNIA
HPSBMA02133
vendor-advisory
x_refsource_HP
http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html
x_refsource_CONFIRM
20080501 Team SHATTER Security Advisory: Oracle Database SQL Injection in SYS.DBMS_CDC_UTILITY.LOCK_CHANGE_SET (DB02)
mailing-list
x_refsource_BUGTRAQ
29874
third-party-advisory
x_refsource_SECUNIA
SSRT061201
vendor-advisory
x_refsource_HP
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now