{ "schema_version": "1.4.0", "id": "GHSA-cpmc-6m46-x7gx", "modified": "2022-05-01T17:42:51Z", "published": "2022-05-01T17:42:51Z", "aliases": [ "CVE-2007-0268" ], "details": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) the Advanced Queuing component and sys.dbms_aqsys.dbms_aq privileges (DB01), (2) Advanced Replication and sys.dbms_repcat_untrusted (DB07), and (3) Oracle Text and ctxload (DB15). NOTE: Oracle has not publicly claims by reliable researchers that DB01 is for SQL injection in the SYS.DBMS_AQ_INV package, and DB07 is for a buffer overflow in the UNREGISTER_SNAPSHOT procedure in the DBMS_REPCAT_UNTRUSTED package.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-0268" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31541" }, { "type": "WEB", "url": "http://osvdb.org/32907" }, { "type": "WEB", "url": "http://osvdb.org/32913" }, { "type": "WEB", "url": "http://osvdb.org/32921" }, { "type": "WEB", "url": "http://secunia.com/advisories/23794" }, { "type": "WEB", "url": "http://securitytracker.com/id?1017522" }, { "type": "WEB", "url": "http://www.kb.cert.org/vuls/id/221788" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2007-101493.html" }, { "type": "WEB", "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aq_inv.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/458005/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/458475/100/100/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/22083" }, { "type": "WEB", "url": "http://www.us-cert.gov/cas/techalerts/TA07-017A.html" } ], "database_specific": { "cwe_ids": [], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2007-01-17T02:28:00Z" } }