CVE-2007-0273

Severity

43%

Complexity

86%

Confidentiality

48%

Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting (XSS) vulnerabilities.

Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting (XSS) vulnerabilities.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).

Overview

First reported 18 years ago

2007-01-17 02:28:00

Last updated 7 years ago

2017-07-29 01:30:00

Affected Software

オラクル データベースサーバ 9.0.1.5

9.0.1.5

Oracle Database Server 9.2.0.8

9.2.0.8

オラクル データベースサーバ 10g 10.1.0.5

10.1.0.5

オラクル データベースサーバ 10g 10.2.0.3

10.2.0.3

References

32912

23794

Patch, Vendor Advisory

1017522

http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html

http://www.red-database-security.com/advisory/oracle_xmldb_css2.html

22083

TA07-017A

Patch, US Government Resource

oracle-cpu-jan2007(31541)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.