Description
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) SDO_UTIL in the Oracle Spatial component, aka DB05; or (2) fine grained auditing in the Audit component, aka DB14. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB05 is SQL injection.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2006-1884)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17571)
WordPress Plugin FireCask Like & Share Button Cross-Site Scripting (1.1.5)
WordPress Plugin Twitter Friends Widget Cross-Site Scripting (3.1)
WordPress Plugin Share Buttons by AddThis Cross-Site Scripting (4.0.7)