PT-2006-6065 · Oracle · Oracle Database

Publicado

2006-10-18

Atualizado

2018-10-17

CVE-2006-5345

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle Database versions 9.0.1.5, 9.2.0.7, and 10.1.0.4

Description The issue is related to the Oracle Spatial component, specifically the mdsys.sdo geom package, and involves a problem with "length checking" in the RELATE function before MD2.RELATE is called. The impact and full details of the issue are not specified, but it is known to have remote authenticated attack vectors.

Recommendations For Oracle Database version 9.0.1.5, there is no information about a newer version that contains a fix for this issue. For Oracle Database version 9.2.0.7, there is no information about a newer version that contains a fix for this issue. For Oracle Database version 10.1.0.4, there is no information about a newer version that contains a fix for this issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-5345

Produtos afetados

Oracle Database

PT-2006-6065 · Oracle · Oracle Database

CVE-2006-5345

Identificadores relacionados

Produtos afetados

Referências · 12