Description
The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.
Remediation
References
Related Vulnerabilities
ownCloud Improper Authentication Vulnerability (CVE-2014-9043)
WordPress Plugin Media Library Categories Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
MySQL CVE-2019-2455 Vulnerability (CVE-2019-2455)
PHP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-31628)
WordPress Plugin Mang Board WP Unspecified Vulnerability (2.0.3)