{ "id": "CVE-2006-0435", "sourceIdentifier": "cve@mitre.org", "published": "2006-01-26T11:07:00.000", "lastModified": "2024-11-21T00:06:27.507", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "baseScore": 7.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL" }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD38E99A-864A-4E99-B6A5-12AACDA822E3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC62E1B2-6964-4459-A1EF-A6A087C2960F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:1.0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "86DD9A13-E533-48B2-B5EB-9B7A0124D594" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:1.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3E13AEBC-7718-4206-98EC-95E9228469C7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:*", "matchCriteriaId": "6A6F28FD-6EAD-4EDD-B9A1-0B120D0F0919" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "DC4ED2EB-1E90-4E99-AAD6-5D838800F9B7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:1.0.2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C0160E00-D722-40CE-976C-77CB91C1B94D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFAE1E8A-644B-42FD-B149-89AD420BD7A7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8075E330-5819-4105-9BB7-4DCC3C0EAEF9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB346764-EDF2-4BE1-A273-C2CE9A173CFB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E59B89D9-AAF9-40CB-931C-EB4958491B99" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C64888FB-133F-4930-8368-1BD2A4FB11A6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "87DEB7BD-FB71-4C22-A0FF-89923B263DC2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "BAAD1A33-4333-4AFB-8D49-1274AE345BA9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "852BF209-3C6F-403B-920D-50C46D37515B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F6A3E2D8-617C-4740-B662-F8884CE26BF1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4FFBB096-523E-4634-ADC4-6CFB03F9577B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "D809B0B7-70EF-47C5-B91F-923E999CA7FB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "DB37CB05-942B-460C-8F1E-2098A4B5F6AE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:9.2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "A6834D6B-859F-4F69-ADF8-4A2BA6672869" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:10.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C1B82E1-D1AD-46F2-8B95-117F38563FC6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:10.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "6FC5FDD9-F24C-4DA2-9CE3-96522DB4A10E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:10.1.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DDECF110-F375-4A3C-8BA9-1CF69B6EF027" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:10.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "77F36775-7D44-405E-8DE3-EBD71C9EE421" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:10.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D94B7D50-4527-4C14-8A50-D4C0566F36BA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F0B4BAA9-D045-4D2B-8220-47F47ED936DF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE6C4D36-D9D1-4143-94AA-D8E08F23D2E3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:application_server:10.1.2_.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A0D1B29-05BB-415E-ADA3-574F49D96AF4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:1.0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CAD3A735-3AD7-4732-BBC9-A305B5090760" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:1.0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "2910F99D-444C-4DC8-A5D8-6FCFEC11E8D8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:1.0.2.1s_for_apps:*:*:*:*:*:*:*", "matchCriteriaId": "D8A629C4-F048-4BBB-97E6-F79A3326D471" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:1.0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3CDD9B5F-C0D5-48B9-9ED1-39023F67002F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:1.0.2.2_roll_up_2:*:*:*:*:*:*:*", "matchCriteriaId": "09793D0F-453E-4384-AF0F-B6CCD51A1F74" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:8.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "54FCC402-401B-4830-8181-78E49E1F1F72" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:9.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B72A661-9EAA-4B9B-8865-17C8A29871BB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:9.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "6F41217E-C62F-41CD-84F3-CE498B61CD48" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:9.0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "19E6631E-0726-4F87-B5F9-FDF71A14A480" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:9.0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "B6D00E2D-141E-4D68-A606-407DA1D4E656" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "7F261A3F-706A-4746-9707-85DBDDAD2C04" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:http_server:9.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7485BFF1-6863-4165-BE36-D656F39CF5EF" } ] } ] } ], "references": [ { "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html", "source": "cve@mitre.org" }, { "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html", "source": "cve@mitre.org" }, { "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/18621", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/19712", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/19859", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://securityreason.com/securityalert/402", "source": "cve@mitre.org" }, { "url": "http://securityreason.com/securityalert/403", "source": "cve@mitre.org" }, { "url": "http://securitytracker.com/id?1015544", "source": "cve@mitre.org" }, { "url": "http://securitytracker.com/id?1015961", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.kb.cert.org/vuls/id/169164", "source": "cve@mitre.org", "tags": [ "US Government Resource" ] }, { "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html", "source": "cve@mitre.org" }, { "url": "http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html", "source": "cve@mitre.org" }, { "url": "http://www.osvdb.org/22719", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/423029/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/423673/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/423819/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/423822/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/424394/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/16384", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2006/0338", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.vupen.com/english/advisories/2006/1397", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.vupen.com/english/advisories/2006/1571", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24363", "source": "cve@mitre.org" }, { "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/18621", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/19712", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/19859", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://securityreason.com/securityalert/402", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://securityreason.com/securityalert/403", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://securitytracker.com/id?1015544", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://securitytracker.com/id?1015961", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ] }, { "url": "http://www.kb.cert.org/vuls/id/169164", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ] }, { "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.osvdb.org/22719", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/423029/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/423673/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/423819/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/423822/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/424394/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/432267/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/bid/16384", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.vupen.com/english/advisories/2006/0338", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.vupen.com/english/advisories/2006/1397", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.vupen.com/english/advisories/2006/1571", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24363", "source": "af854a3a-2127-422b-91ae-364da2661108" } ] }