Description

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to "Advisor" and "Select Any Dictionary" privileges.

Remediation

References

CVE-2014-2406

Related Vulnerabilities

Atlassian Confluence Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-22504)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2359)

phpMyFAQ Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-6048)

MySQL CVE-2014-4258 Vulnerability (CVE-2014-4258)

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-5344)

Severity

High

Classification

CVE-2014-2406

Tags

Missing Update Known Vulnerabilities