Oracle Database Server Vulnerability - CVE-2006-3702
Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4 9.0.1.5 9.2.0.7 10.1.0.5 and 10.2.0.2 have unknown impact and attack vectors aka Oracle Vuln (1) DB06 in Export (2) DB08 (3) DB09 (4) DB10 (5) DB11 (6) DB12 (7) DB13 (8) DB14 and (9) DBC01 for OCI (10) DB16 for Query Rewrite/Summary Mgmt (11) DB17 (12) DB18 (13) DB19 (14) DBC02 (15) DBC03 and (16) DBC04 for RPC and (17) DB20 for Semantic Analysis. NOTE: as of 20060719 Oracle has not disputed third party claims that DB06 is related to quotSQL injectionquot using DBMS_EXPORT_EXTENSION with a modified ODCIIndexGetMetadata routine and a call to GET_DOMAIN_INDEX_METADATA in which case DB06 might be CVE-2006-2081.