Description
Multiple unspecified vulnerabilities in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10.1.0.5, and have unknown impact and remote authenticated attack vectors related to (1) sys.dbms_cdc_ipublish (Vuln# DB05) and (2) sys.dbms_cdc_isubscribe (DB06). NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB05 is for SQL injection in CREATE_CHANGE_TABLE and CHANGE_TABLE_TRIGGER, and DB06 is for PL/SQL injection in the PREPARE_UNBOUNDED_VIEW procedure.
Remediation
References
Related Vulnerabilities
Next.js Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-44577)
Python Improper Input Validation Vulnerability (CVE-2018-20852)
WordPress Plugin KNR Author List Widget 'listItem[]' Parameter SQL Injection (2.0.0)
WordPress Plugin We�re Open! Cross-Site Scripting (1.41)
Oracle Database Server CVE-2015-4796 Vulnerability (CVE-2015-4796)