The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
oracle oracle10g personal 10.1.0.3 |
||
oracle oracle10g standard 10.1.0.3.1 |
||
oracle application server 10.1.0.3 |
||
oracle oracle10g enterprise 10.1.0.3 |
||
oracle oracle10g enterprise 10.1.0.3.1 |
||
oracle oracle10g standard 10.1.0.2 |
||
oracle oracle10g personal 10.1.0.3.1 |
||
oracle oracle10g personal 10.1.0.2 |
||
oracle oracle10g standard 10.1.0.3 |
||
oracle oracle10g enterprise 10.1.0.2 |
||
oracle application server 10.1.0.2 |
||
oracle application server 10.1.0.3.1 |
Vulmon