SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.
References
Link | Resource |
---|---|
http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf | Patch Vendor Advisory |
http://www.us-cert.gov/cas/techalerts/TA05-117A.html | US Government Resource |
http://www.kb.cert.org/vuls/id/948486 | US Government Resource |
http://marc.info/?l=bugtraq&m=111385690419118&w=2 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2005-05-01 21:00
Updated : 2016-10-17 20:18
NVD link : CVE-2005-1197
Mitre link : CVE-2005-1197
JSON object : View
CWE
Products Affected
oracle
- database_server