Oracle Database Server Vulnerability - CVE-2006-0260

Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified impact and attack vectors as identified by Oracle Vuln (1) DB05 in the (a) Data Pump component (2) DB15 in the (b) Oracle Text component (3) DB22 in the (c) Streams Apply component (4) DB23 and (5) DB24 in the (d) Streams Capture component and (6) DB26 in the (e) Streams Subcomponent. NOTE: details are unavailable from Oracle but they have not publicly disputed a claim by a reliable independent researcher that states that DB05 involves SQL injection in the (f) LONG2VARCHAR LONG2VCMAX LONG2VCNT and LONG2CLOB functions in the DBMS_METADATA_UTIL package (g) MAKE_FILTER FETCH_VIEWS_ERROR FETCH_FILTERS FETCH_VIEWS SET_FILTER_COMMON DO_FILTER_SCRIPT SET_TABLE_FILTERS and MAKE_FILTER_TEXT functions in the DBMS_METADATA_INT package and (h) GET_PREPOST_TABLE_ACT function in the DBMS_METADATA package.