WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle Database Server CVE-2007-2114 Vulnerability (CVE-2007-2114)

Description

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact and remote authenticated attack vectors, related to (1) Change Data Capture (CDC), aka DB08, and (2) Oracle Instant Client, aka DB11. NOTE: as of 20070424, oracle has not disputed reliable claims that these issues are buffer overflows using a long CHANGE_TABLE_NAME parameter to the DBMS_CDC_IPUBLISH.CHGTAB_CACHE procedure (DB08) and Oracle Instant Client genezi utility (DB11).

Remediation

References

Related Vulnerabilities

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3662)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-1692)

WebLogic CVE-2023-21841 Vulnerability (CVE-2023-21841)

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.69)

MySQL CVE-2021-2193 Vulnerability (CVE-2021-2193)

Severity

Critical

Classification

CVE-2007-2114

Tags

Missing Update Known Vulnerabilities