Summary
This host is running Oracle database and is prone to multiple vulnerabilities.
Impact
Successful exploitation allows remote authenticated users to execute arbitrary SQL commands via unknown vectors.
Impact Level: Application
Solution
Apply patches from below link,
http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html
Insight
The flaw is due to an errors in the Upgrade/Downgrade component.
Affected
Oracle Database server versions 9.0.1.5, 9.2.0.7 and 10.1.0.5
References
Severity
Classification
-
CVE CVE-2007-2113, CVE-2007-2118 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- MySQL 5.5.20 Unspecified Remote Code Execution Vulnerability
- IBM SolidDB 'solid.exe' Handshake Remote Code Execution Vulnerability
- SAP MaxDB 'serv.exe' Unspecified Remote Code Execution Vulnerability
- Oracle MySQL Multiple Unspecified vulnerabilities-01 Feb15 (Windows)
- Oracle Database Server Multiple Unspecified Vulnerabilities-01 April2014