The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries, aka DB23.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle database server 9.2.0.8 |
||
oracle database server 9.2.0.8dv |
||
oracle database server 10.1.0.5 |