Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle apex 1.5.0 |
||
oracle apex 1.6.1 |
||
oracle application server 10.1.2.2.0 |
||
oracle application server 10.1.3.0.0 |
||
oracle database server 10.2.0.2 |
||
oracle database server 10.2.0.3 |
||
oracle database server 9.0.1.5 |
||
oracle e-business suite 11.5.9 |
||
oracle e-business suite 12.0.0 |
||
oracle peoplesoft enterprise peopletools 8.47 |
||
oracle peoplesoft enterprise peopletools 8.48 |
||
oracle application server 10.1.2.0.2 |
||
oracle application server 10.1.2.1.0 |
||
oracle collaboration suite 10.1.2 |
||
oracle database server 10.1.0.5 |
||
oracle e-business suite 11.5.10.2 |
||
oracle e-business suite 11.5.8 |
||
oracle peoplesoft enterprise human capital management 9.0 |
||
oracle peoplesoft enterprise peopletools 8.22 |
||
oracle application server 1.0.2.2 |
||
oracle application server 10.1.2.0.1 |
||
oracle application server 10.1.3.3.0 |
||
oracle application server 9.0.4.3 |
||
oracle database server 9.2.0.8dv |
||
oracle e-business suite 11.5.10 |
||
oracle peoplesoft enterprise customer relationship management 9.0 |
||
oracle peoplesoft enterprise human capital management 8.9 |
||
oracle secure enterprise search 10.1.8 |
||
oracle apex 2.0 |
||
oracle apex 2.2 |
||
oracle application server 10.1.3.1.0 |
||
oracle application server 10.1.3.2.0 |
||
oracle database server 9.2.0.7 |
||
oracle database server 9.2.0.8 |
||
oracle e-business suite 12.0.1 |
||
oracle peoplesoft enterprise customer relationship management 8.9 |
||
oracle peoplesoft enterprise peopletools 8.49 |
||
oracle secure enterprise search 10.1.6 |