Oracle Database Server Upgrade and Downgrade Component Multiple Vulnerabilities

Summary

This host is running Oracle database and is prone to multiple vulnerabilities.

Impact

Successful exploitation allows remote authenticated users to execute arbitrary SQL commands via unknown vectors. Impact Level: Application

Solution

Apply patches from below link, http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html

Insight

The flaw is due to an errors in the Upgrade/Downgrade component.

Affected

Oracle Database server versions 9.0.1.5, 9.2.0.7 and 10.1.0.5

References

Updated on 2015-03-25

Severity

High Severity

Classification

CVE CVE-2007-2113, CVE-2007-2118

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities