fkie_cve-2006-0435
Vulnerability from fkie_nvd
Published
2006-01-26 11:07
Modified
2025-04-03 01:03
Severity ?
Summary
Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CC62E1B2-6964-4459-A1EF-A6A087C2960F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:1.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "86DD9A13-E533-48B2-B5EB-9B7A0124D594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:1.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E13AEBC-7718-4206-98EC-95E9228469C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "6A6F28FD-6EAD-4EDD-B9A1-0B120D0F0919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4ED2EB-1E90-4E99-AAD6-5D838800F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:1.0.2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C0160E00-D722-40CE-976C-77CB91C1B94D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D809B0B7-70EF-47C5-B91F-923E999CA7FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DB37CB05-942B-460C-8F1E-2098A4B5F6AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:9.2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A6834D6B-859F-4F69-ADF8-4A2BA6672869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:10.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1B82E1-D1AD-46F2-8B95-117F38563FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:10.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC5FDD9-F24C-4DA2-9CE3-96522DB4A10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:10.1.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DDECF110-F375-4A3C-8BA9-1CF69B6EF027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:10.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "77F36775-7D44-405E-8DE3-EBD71C9EE421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D94B7D50-4527-4C14-8A50-D4C0566F36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B4BAA9-D045-4D2B-8220-47F47ED936DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6C4D36-D9D1-4143-94AA-D8E08F23D2E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:application_server:10.1.2_.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A0D1B29-05BB-415E-ADA3-574F49D96AF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:1.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD3A735-3AD7-4732-BBC9-A305B5090760",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:1.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2910F99D-444C-4DC8-A5D8-6FCFEC11E8D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:1.0.2.1s_for_apps:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A629C4-F048-4BBB-97E6-F79A3326D471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:1.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3CDD9B5F-C0D5-48B9-9ED1-39023F67002F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:1.0.2.2_roll_up_2:*:*:*:*:*:*:*",
"matchCriteriaId": "09793D0F-453E-4384-AF0F-B6CCD51A1F74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "54FCC402-401B-4830-8181-78E49E1F1F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B72A661-9EAA-4B9B-8865-17C8A29871BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F41217E-C62F-41CD-84F3-CE498B61CD48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:9.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "19E6631E-0726-4F87-B5F9-FDF71A14A480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:9.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6D00E2D-141E-4D68-A606-407DA1D4E656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F261A3F-706A-4746-9707-85DBDDAD2C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:http_server:9.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7485BFF1-6863-4165-BE36-D656F39CF5EF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01."
}
],
"id": "CVE-2006-0435",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-26T11:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18621"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19712"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19859"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/402"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/403"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015544"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015961"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/169164"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22719"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423029/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423673/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423819/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423822/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/424394/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16384"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0338"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1397"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1571"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/169164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423029/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423673/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423819/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423822/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/424394/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16384"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24363"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…