CVE-2007-5504

Severity

65%

Complexity

80%

Confidentiality

106%

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package.

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package.

CVSS 2.0 Base Score 6.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P).

Overview

First reported 17 years ago

2007-10-17 23:17:00

Last updated 6 years ago

2018-10-15 21:45:00

Affected Software

オラクル データベースサーバ 9.0.1.5

9.0.1.5

オラクル データベースサーバ 10g 10.1.0.5

10.1.0.5

References

SSRT061201

27251

Vendor Advisory

27409

Vendor Advisory

http://www.appsecinc.com/resources/alerts/oracle/2007-08.shtml

http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html

20071029 Team SHATTER Alert: Oracle Database Buffer overflow vulnerability in procedure DBMS_AQADM_SYS.DBLINK_INFO

26235

1018823

TA07-290A

US Government Resource

ADV-2007-3524

Vendor Advisory

ADV-2007-3626

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.