Description
Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 have unknown impact and remote authenticated attack vectors related to (1) mdsys.sdo_3gl, aka Vuln# DB20, and (2) mdsys.sdo_cs, aka DB21. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB20 is a buffer overflow in GEOM_OPERATION, and DB21 is related to a buffer overflow and SQL injection in TRANSFORM_LAYER.
Remediation
References
Related Vulnerabilities
WordPress Plugin W3 Total Cache Multiple Unspecified Vulnerabilities (0.9.5.1)
PHP Improper Input Validation Vulnerability (CVE-2011-0752)
WordPress Plugin BCS BatchLine Book Importer Security Bypass (1.5.7)
Jenkins Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2018-1999043)