Description

Unspecified vulnerability in the Authentication component for Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and attack vectors, aka DB05. NOTE: as of 20070424, Oracle has not disputed reliable claims that this issue allows remote authenticated users to bypass the AUTH_ALTER_SESSION security policies via a logon trigger ("AFTER LOGON ON DATABASE" trigger directive), a related issue to CVE-2006-0547.

Remediation

References

CVE-2007-2112

Related Vulnerabilities

WordPress Plugin Portfolio Gallery-Photo Gallery Unspecified Vulnerability (2.3.0)

MySQL 7PK - Security Features Vulnerability (CVE-2016-2047)

Oracle Database Server CVE-2006-0265 Vulnerability (CVE-2006-0265)

Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-6531)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-3765)

Severity

Medium

Classification

CVE-2007-2112

Tags

Missing Update Known Vulnerabilities