Back to search
CVE-2009-0977
Published: Apr 15, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is SQL injection in the GRANT_TYPE_ACCESS procedure in the DBMS_AQADM_SYS package.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
34461
vdb-entry
x_refsource_BID
34693
third-party-advisory
x_refsource_SECUNIA
TA09-105A
third-party-advisory
x_refsource_CERT
http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html
x_refsource_CONFIRM
20090416 SQL Injection in package DBMS_AQADM_SYS
mailing-list
x_refsource_BUGTRAQ
1022052
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now