Description

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB21 for Statistics and (2) DB22 for Upgrade & Downgrade. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB21 is for a local SQL injection vulnerability in SYS.DBMS_STATS, and that DB22 is for SQL injection in SYS.DBMS_UPGRADE.

Remediation

References

CVE-2006-3705

Related Vulnerabilities

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress PHP Code Injection (3.6.10)

XWikiplatform Missing Authorization Vulnerability (CVE-2024-31981)

WordPress Plugin LB Tube Video for WordPress Cross-Site Scripting (1.0)

MongoDb Improper Certificate Validation Vulnerability (CVE-2023-1409)

WordPress Plugin RSS Aggregator by Feedzy-Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator Cross-Site Request Forgery (3.4.2)

Severity

Critical

Classification

CVE-2006-3705

Tags

Missing Update Known Vulnerabilities