Description
Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB12. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the (1) GEN_RID_RANGE_BY_AREA and (2) GEN_RID_RANGE functions in the MDSYS.SDO_PRIDX package.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-0432 Vulnerability (CVE-2013-0432)
WordPress Plugin Gravity Forms Unspecified Vulnerability (2.4.17)
WordPress Plugin User Activity Log Multiple Cross-Site Scripting Vulnerabilities (1.4.6)
WebLogic Improper Input Validation Vulnerability (CVE-2020-10693)
WordPress Plugin Quick Featured Images Cross-Site Scripting (12.3.5)