Description
Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB12. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the (1) GEN_RID_RANGE_BY_AREA and (2) GEN_RID_RANGE functions in the MDSYS.SDO_PRIDX package.
Remediation
References
Related Vulnerabilities
WordPress Plugin Google Analytics Dashboard SQL Injection (2.0.4)
WordPress Plugin Anti-Malware Security and Brute-Force Firewall Cross-Site Scripting (4.15.22)
WordPress Plugin Quick Contact Form Multiple Vulnerabilities (8.0.3.1)
MySQL CVE-2019-2693 Vulnerability (CVE-2019-2693)
Oracle Database Server CVE-2011-2231 Vulnerability (CVE-2011-2231)