CVE-2007-5504

Name of the Vulnerable Software and Affected Versions: Oracle Database versions 9.0.1.5 and later, 10.1.0.5

Description: The issue concerns multiple unspecified vulnerabilities in Oracle Database, related to the Import component and Advanced Queuing. Specifically, it involves a potential buffer overflow in the DBLINK INFO procedure within the DBMS AQADM SYS package. The impact and attack vectors of these vulnerabilities are unknown.

Recommendations: For Oracle Database versions 9.0.1.5 and later, 10.1.0.5, consider restricting access to the DBMS AQADM SYS package and the DBLINK INFO procedure as a temporary mitigation measure until a patch is available. Additionally, limit the use of the Import component and Advanced Queuing features to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.