Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2007-0268

CVE information

Published

15 years ago

Last Modified

4 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

Description

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) the Advanced Queuing component and sys.dbms_aqsys.dbms_aq privileges (DB01), (2) Advanced Replication and sys.dbms_repcat_untrusted (DB07), and (3) Oracle Text and ctxload (DB15). NOTE: Oracle has not publicly claims by reliable researchers that DB01 is for SQL injection in the SYS.DBMS_AQ_INV package, and DB07 is for a buffer overflow in the UNREGISTER_SNAPSHOT procedure in the DBMS_REPCAT_UNTRUSTED package..

CVSSv2.0 Score

Severity
Medium
Base Score
6.5/10
Exploit Score
8/10
Access Vector
Network
Access Complexity
Low
Authentication Required
Single
Impact Score
6.4/10
Confidentiality Impact
Partial
Availability Impact
Partial
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:oracle:database_server:9.0.1.5:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
  Yes
- -