CVE-2006-0269

Name of the Vulnerable Software and Affected Versions Oracle Database server versions 10.1.0.5 through 10.2.0.1

Description The issue is related to an unspecified vulnerability in the Streams Capture component, potentially allowing SQL injection in the SET DIRECTORY ROOT function within the DBMS CDC PUBLISH package. Details about the vulnerability are limited due to unavailability from Oracle.

Recommendations For Oracle Database server versions 10.1.0.5 through 10.2.0.1, consider restricting access to the DBMS CDC PUBLISH package as a temporary mitigation measure until a patch is available. Avoid using the SET DIRECTORY ROOT function in the affected package to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.