Description

Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.2.0.2 has unknown impact and remote authenticated attack vectors related to "create session" privileges, aka Vuln# DB02. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB02 is for SQL injection in the SDO_DROP_USER_BEFORE package using a Trigger for a DROP USER statement in an anonymous PL/SQL block.

Remediation

References

CVE-2006-5333

Related Vulnerabilities

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2019-9637)

WordPress Plugin Themify Portfolio Post Cross-Site Scripting (1.1.9)

WordPress Plugin Compact WP Audio Player Cross-Site Scripting (1.9.7)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.24)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4542)

Severity

High

Classification

CVE-2006-5333

Tags

Missing Update Known Vulnerabilities