NVD

Id
61200  
Name
CVE-2006-2505  
Description
Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via a reference to a malicious package in the TYPE_NAME argument in the (1) GET_DOMAIN_INDEX_TABLES or (2) GET_V2_DOMAIN_INDEX_TABLES function in the DBMS_EXPORT_EXTENSION package.  
Reject
 
CVSS Version
2  
CVSS Score
3.6  
Severity
Low  
CVSS Base Score
3.6  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:N/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-05-22  
Modified Date
2008-09-05  
Seq
2006-2505  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
316324 61200 CVE-2006-2505 VU#932124  View
316325 61200 CVE-2006-2505 20060426 Recent Oracle exploit is _actually_ an 0day with no patch  View
316326 61200 CVE-2006-2505 20060427 Re: Recent Oracle exploit is _actually_ an 0day with no patch  View
316327 61200 CVE-2006-2505 20060427 Re: Recent Oracle exploit is _actually_ an 0day with no patch  View
316328 61200 CVE-2006-2505 17699  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58216 JVNDB-2006-000412 Oracle Database の DBMS_EXPORT_EXTENSION パッケージにおける SQL インジェクションの脆弱性 Oracle Database には、DBMS_EXPORT_EXTENSION パッケージの GET_DOMAIN_INDEX_TABLES あるいは GET_V2_DOMAIN_INDEX_TABLES 関数の呼び出しにより、任意の SQL クエリを実行される脆弱性が存在します。 CVE-2006-2505 18607 CVE-2006-2505 61200 3.6 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000412.html 2006-07-18 2007-04-01 View