NVD

Id
63933  
Name
CVE-2006-5332  
Description
Unspecified vulnerability in xdb.dbms_xdbz in the XMLDB component for Oracle Database 9.2.0.6 and 10.1.0.4 has unknown impact and remote authenticated attack vectors, aka Vuln# DB01. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB01 is for PL/SQL injection in the ENABLE_HIERARCHY_INTERNAL procedure.  
Reject
 
CVSS Version
2  
CVSS Score
9  
Severity
High  
CVSS Base Score
9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:C/I:C/A:C)  
Pub Date
2016-12-20  
Published
2006-10-17  
Modified Date
2012-10-22  
Seq
2006-5332  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
333256 63933 CVE-2006-5332 1017077  View
333257 63933 CVE-2006-5332 http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf  View
333258 63933 CVE-2006-5332 VU#717140  View
333259 63933 CVE-2006-5332 http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html  View
333260 63933 CVE-2006-5332 http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html  View
333261 63933 CVE-2006-5332 http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_xdbz0.html  View
333262 63933 CVE-2006-5332 20061018 Analysis of the Oracle October 2006 Critical Patch Update  View
333263 63933 CVE-2006-5332 20061023 SQL Injection in package XDB.DBMS_XDBZ0  View
333264 63933 CVE-2006-5332 SSRT061201  View
333265 63933 CVE-2006-5332 20588  View
333266 63933 CVE-2006-5332 TA06-291A  View
333267 63933 CVE-2006-5332 ADV-2006-4065  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
58504 JVNDB-2006-000700 Oracle Database の XMLDB コンポーネントに SQL インジェクションの脆弱性 Oracle Database の XMLDB コンポーネントに脆弱性が存在します。(DB01) CVE-2006-5332 21434 CVE-2006-5332 63933 9 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000700.html 2006-10-17 2007-04-01 View