ID CVE-2006-7067
Summary Oracle 10g R2 and possibly other versions allows remote attackers to trigger internal errors, and possibly have other impacts, via an "alter session set events" command with invalid arguments. NOTE: this issue was originally disputed by a third party, but the dispute was retracted. NOTE: this issue was called an "integer overflow" in the original source, but this might be incorrect.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:10.2.1:r2:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.2.1:r2:*:*:*:*:*:*
CVSS
Base: 6.0 (as of 16-10-2018 - 16:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL HIGH SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:H/Au:S/C:C/I:C/A:C
refmap via4
bugtraq
  • 20060727 Oracle 10g R2 and, probably, all previous versions
  • 20060728 Oracle 10g R2 and, probably, all previous versions
fulldisc
  • 20060727 Oracle 10g R2 and, probably, all previous versions
  • 20060728 Oracle 10g R2 and, probably, all previous versions
sreason 2328
Last major update 16-10-2018 - 16:29
Published 02-03-2007 - 21:18
Last modified 16-10-2018 - 16:29
Back to Top