Description
SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 allows remote authenticated users to inject arbitrary SQL commands via unknown vectors, aka DB04. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB04 is actually for multiple vulnerabilities.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2012-0525 Vulnerability (CVE-2012-0525)
OpenSSL Resource Management Errors Vulnerability (CVE-2011-4619)
WordPress Plugin WordPress Responsive Preview Cross-Site Scripting (1.1)
Oracle Database Server Other Vulnerability (CVE-2006-7141)
WordPress Plugin Daily Inspiration Generator Open Redirect (2.0)