CVE Vulnerability

CVE-2007-5511

SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain.

6.5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://www.securitytracker.com/id?1018823
http://secunia.com/advisories/27251 Vendor Advisory
http://www.securityfocus.com/bid/26098
http://secunia.com/advisories/27409
http://securityreason.com/securityalert/3245
http://osvdb.org/40079
http://www.vupen.com/english/advisories/2007/3524
http://marc.info/?l=bugtraq&m=119332677525918&w=2
http://www.vupen.com/english/advisories/2007/3626
https://www.exploit-db.com/exploits/4572
https://www.exploit-db.com/exploits/4571
https://www.exploit-db.com/exploits/4570
http://www.securityfocus.com/archive/1/482429/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:oracle:database_server:*:*:*:*:*:*:*:*
Information

Published : 2007-10-17 11:17

Updated : 2018-10-15 09:45

NVD link : CVE-2007-5511

Mitre link : CVE-2007-5511

Products Affected
No products.
CWE
CWE-89