CVE-2007-0268

Name of the Vulnerable Software and Affected Versions Oracle Database versions 9.0.1.5, 9.2.0.7, and 10.1.0.5

Description The issue involves multiple unspecified vulnerabilities in Oracle Database related to the Advanced Queuing component, Advanced Replication, and Oracle Text. These vulnerabilities are associated with specific components and privileges, including sys.dbms aqsys.dbms aq privileges, sys.dbms repcat untrusted, and ctxload. Researchers claim that some of these vulnerabilities may be related to SQL injection and buffer overflow issues in specific packages and procedures.

Recommendations For Oracle Database version 9.0.1.5, consider restricting access to the Advanced Queuing component and sys.dbms aqsys.dbms aq privileges to minimize the risk of exploitation. For Oracle Database version 9.2.0.7, consider disabling the UNREGISTER SNAPSHOT procedure in the DBMS REPCAT UNTRUSTED package as a temporary workaround. For Oracle Database version 10.1.0.5, consider limiting the use of Oracle Text and ctxload until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.