Description
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) the Advanced Queuing component and sys.dbms_aqsys.dbms_aq privileges (DB01), (2) Advanced Replication and sys.dbms_repcat_untrusted (DB07), and (3) Oracle Text and ctxload (DB15). NOTE: Oracle has not publicly claims by reliable researchers that DB01 is for SQL injection in the SYS.DBMS_AQ_INV package, and DB07 is for a buffer overflow in the UNREGISTER_SNAPSHOT procedure in the DBMS_REPCAT_UNTRUSTED package.
Remediation
References
Related Vulnerabilities
Moodle Other Vulnerability (CVE-2004-2232)
WordPress Plugin Featured Content 'param' Parameter Cross-Site Scripting (0.0.1)
WordPress Plugin Gallery by BestWebSoft Arbitrary File Disclosure (3.8.3)
WordPress Plugin Visitor Traffic Real Time Statistics Unspecified Vulnerability (2.13)
WordPress Plugin WP Featured Post with thumbnail 'src' Parameter Cross-Site Scripting (3.0)