Description

The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20.

Remediation

References

CVE-2007-5506

Related Vulnerabilities

Apache Traffic Server Integer Overflow or Wraparound Vulnerability (CVE-2018-9481)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.3)

Nexus Repository Manager Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2019-15588)

silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5063)

PHP Deserialization of Untrusted Data Vulnerability (CVE-2017-11143)

Severity

High

Classification

CVE-2007-5506

Tags

Missing Update Known Vulnerabilities