Description
Unspecified vulnerability in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors, aka DB09. NOTE: as of 20070424, oracle has not disputed reliable claims that this issue involves multiple SQL injection vulnerabilities in the DBMS_CDC_PUBLISH with remote authenticated vectors involving the "java classes in CDC.jar."
Remediation
References
Related Vulnerabilities
Ruby Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3655)
MySQL Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-4098)
WordPress Plugin Yoast SEO SQL Injection (1.7.3.3)
WordPress Plugin rtMedia for WordPress, BuddyPress and bbPress SQL Injection (3.7.39)