Description

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to "Advisor" and "Select Any Dictionary" privileges.

Remediation

References

CVE-2014-2406

Related Vulnerabilities

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-9585)

Drupal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2250)

WordPress Plugin Simple Personal Message SQL Injection (1.0.3)

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43730)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4591)

Severity

High

Classification

CVE-2014-2406

Tags

Missing Update Known Vulnerabilities