SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote malicious users to execute arbitrary SQL commands via the new.table_name or new.column_name parameters.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
oracle oracle9i 9.0.1.3 |
||
oracle oracle9i 9.0.1.4 |
||
oracle oracle9i 9.2.0.2 |
||
oracle oracle9i 9.0.1 |
||
oracle oracle9i 9.0.1.2 |
||
oracle oracle9i 9.0.2.3 |
||
oracle oracle9i 9.2.0.1 |
||
oracle database server 10.2.1 |
||
oracle oracle9i 9.0 |
||
oracle oracle9i 9.0.2.0.1 |
||
oracle oracle9i 9.0.2.1 |
||
oracle oracle9i 9.0.2.2 |
||
oracle oracle9i 9.0.2 |
||
oracle oracle9i 9.0.2.0.0 |
Vulmon