{ "schema_version": "1.4.0", "id": "GHSA-v88h-xvv4-mqxq", "modified": "2022-05-01T23:43:45Z", "published": "2022-05-01T23:43:45Z", "aliases": [ "CVE-2008-1816" ], "details": "Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) SDO_UTIL in the Oracle Spatial component, aka DB05; or (2) fine grained auditing in the Audit component, aka DB14. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB05 is SQL injection.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-1816" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41999" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42000" }, { "type": "WEB", "url": "http://secunia.com/advisories/29829" }, { "type": "WEB", "url": "http://secunia.com/advisories/29874" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html" }, { "type": "WEB", "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_util.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/490918/100/0/threaded" }, { "type": "WEB", "url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded" }, { "type": "WEB", "url": "http://www.securitytracker.com/id?1019855" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2008/1233/references" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2008/1267/references" } ], "database_specific": { "cwe_ids": [], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2008-04-16T10:05:00Z" } }