CVE-2010-2415

Name of the Vulnerable Software and Affected Versions Oracle Database Server versions 10.1.0.5 through 11.2.0.1

Description The issue affects the confidentiality and integrity of the system, allowing remote authenticated users to exploit it. It is related to the DBMS CDC PUBLISH component in the Change Data Capture component. Additionally, the current Oracle version has multiple issues that enable remote attackers to bypass security restrictions, execute arbitrary SQL commands, and access sensitive data.

Recommendations For Oracle Database Server versions 10.1.0.5 through 11.2.0.1, consider restricting access to the DBMS CDC PUBLISH component until a fix is available. As a temporary workaround, limit the execution of arbitrary SQL commands to minimize the risk of exploitation. Restrict access to sensitive data to prevent unauthorized access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.