Description

Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists (DACLs), which allows local users to gain privileges.

Remediation

References

CVE-2007-1442

Related Vulnerabilities

WordPress Plugin Simple Sitemap-Create a Responsive HTML Sitemap Security Bypass (3.5.4)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7890)

WordPress Plugin Facebook Like Box Multiple Vulnerabilities (2.9.1)

Joomla! Core 4.2.0 Information Disclosure (4.2.0)

Joomla! Core 1.7.0 Cross-Site Scripting (1.7.0)

Severity

High

Classification

CVE-2007-1442

Tags

Missing Update Known Vulnerabilities