ID CVE-2006-0285
Summary Unspecified vulnerability in the Java Net component of Oracle Database Server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.4, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Oracle Vuln# JN01.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:8.1.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:8.1.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.0.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.0.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 20-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 16287
cert-vn VU#545804
confirm http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html
sectrack 1015499
secunia
  • 18493
  • 18608
vupen
  • ADV-2006-0243
  • ADV-2006-0323
xf oracle-january2006-update(24321)
saint via4
bid 16287
description Oracle XML Component DBMS_XMLSCHEMA.GENERATESCHEMA buffer overflow
id database_oracle_version
osvdb 22567
title oracle_xml_generateschema
type remote
Last major update 20-07-2017 - 01:29
Published 18-01-2006 - 11:03
Last modified 20-07-2017 - 01:29
Back to Top