Description
Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.
Remediation
References
Related Vulnerabilities
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.22)
MySQL CVE-2015-4769 Vulnerability (CVE-2015-4769)
WordPress Plugin Donorbox-Free Recurring Donation Form Cross-Site Scripting (7.1.1)
Oracle Application Server Other Vulnerability (CVE-2002-0564)
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2007-4652)