Description
Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors related to the Log Miner component and sys.dbms_log_mnr privileges, aka DB04. NOTE: Oracle has not disputed a reliable researcher claim that this is a buffer overflow in the ADD_LOGFILE procedure for the SYS.DBMS_LOGMNR package that allows code execution.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Support Plus Responsive Ticket System Privilege Escalation (7.1.4)
WordPress Plugin BetterLinks-Shorten, Track and Manage any URL Cross-Site Scripting (1.2.5)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2017-9120)
WordPress Plugin Catchers Helpdesk and Ticket system for Support Cross-Site Scripting (1.0.3)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0792)