CVE-2006-1705

Name of the Vulnerable Software and Affected Versions: Oracle Database versions 9.2.0.0 through 10.2.0.3

Description: The issue allows local users with SELECT privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view.

Recommendations: For Oracle Database versions 9.2.0.0 through 10.2.0.3, consider restricting SELECT privileges for base tables to minimize the risk of exploitation. As a temporary workaround, limit the ability to create views for users with SELECT privileges until a patch is available.