Description

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to "Advisor" and "Select Any Dictionary" privileges.

Remediation

References

CVE-2014-2406

Related Vulnerabilities

MODX Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2014-2736)

SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17315)

Java Unspesificed Vulnerability (CVE-2019-2422)

Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-42121)

Chamilo Improper Input Validation Vulnerability (CVE-2012-4030)

Severity

High

Classification

CVE-2014-2406

Tags

Missing Update Known Vulnerabilities