CVE-2006-1705 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-1705
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1705

Description: Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25696 ST 1015886 SAID Secunia Advisory: SA19574 MISC http://www.red-database-security.com/advisory/oracle_modify_data_via_views.html FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044990.html CERT-VN 805737 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/430434/100/0/threaded BID 17426

Return to the previous page.