Description
Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB02. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the CDC_ALLOCATE_LOCK function of the DBMS_CDC_UTILITY package.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Safe Search 'v1' Parameter Cross-Site Scripting (0.7)
WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-40690)
WordPress Plugin Convert Plus Security Bypass (3.4.4)
Oracle JRE CVE-2018-2811 Vulnerability (CVE-2018-2811)
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (4.0.1)