CVE-2007-0274 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-0274
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-0274

Description: Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 have unknown impact and attack vectors related to (1) Export and sys.dbms_logrep_util (DB08), and (2) Oracle Streams and sys.dbms_capture_adm_internal privileges (DB09). NOTE: Oracle has not disputed reliable researcher claims that DB08 is for a buffer overflow in the GET_OBJECT_NAME procedure in the DBMS_LOGREP_UTIL package, and DB09 is for buffer overflows in the CREATE_CAPTURE, ALTER_CAPTURE, and ABORT_TABLE_INSTANTIATION procedures in SYS.DBMS_CAPTURE_ADM_INTERNAL.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/31541 ST 1017522 SAID Secunia Advisory: SA23794 OSVDB 32914 32915 CONFIRM http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html CERT http://www.us-cert.gov/cas/techalerts/TA07-017A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/458041/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/458037/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/458112/100/100/threaded http://www.securityfocus.com/archive/1/archive/1/458475/100/100/threaded http://www.securityfocus.com/archive/1/archive/1/458126/100/0/threaded BID 22083

Return to the previous page.