Secunia
Login
|
|
CVE Reference: CVE-2009-1991 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-1991 |
|
|
Description: Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an established researcher that this is for multiple SQL injection vulnerabilities via the (1) idx_owner or (2) idx_name parameters to the create_tables procedure. |
|
|
CVE Status: Candidate |
|
|
References: ST 1023057 SAID Secunia Advisory: SA37027 OSVDB 59113 CONFIRM http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html CERT http://www.us-cert.gov/cas/techalerts/TA09-294A.html BID 36748 |
|
| Return to the previous page. |
