Description
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via (1) DBMS_JAVA_TEST in the JavaVM component (DB01), (2) Oracle Text component (DB09), and (3) MDSYS.SDO_GEOR_INT in the Spatial component (DB15). NOTE: a reliable researcher claims that DB01 is SQL injection in DBMS_PRVTAQIS.
Remediation
References
Related Vulnerabilities
WordPress Plugin HT Slider Range for Amazon affiliates Cross-Site Scripting (1.1.5)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000862)
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.10)
Oracle Database Server CVE-2011-0805 Vulnerability (CVE-2011-0805)