Description

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_geom, aka Vuln# DB22. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB22 is related to "length checking" in the RELATE function before MD2.RELATE is called.

Remediation

References

CVE-2006-5345

Related Vulnerabilities

Piwigo Improper Access Control Vulnerability (CVE-2016-10084)

PHP Numeric Errors Vulnerability (CVE-2007-1001)

WordPress Plugin flickr picture backup Arbitrary File Upload (0.7)

Apache HTTP Server Other Vulnerability (CVE-2004-0885)

WordPress Plugin WPMovieLibrary Multiple Cross-Site Scripting Vulnerabilities (2.1.4.1)

Severity

Critical

Classification

CVE-2006-5345

Tags

Missing Update Known Vulnerabilities