CVE-2006-2505

Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via a reference to a malicious package in the TYPE_NAME argument in the (1) GET_DOMAIN_INDEX_TABLES or (2) GET_V2_DOMAIN_INDEX_TABLES function in the DBMS_EXPORT_EXTENSION package.

Published : 2006-05-22 19:02 Updated : 2018-10-18 16:40

3.6
CVSS Score More info
Score 3.6 / 10
3.6
Vendor Product Version URI
Oracle Database Server release_2 cpe:/a:oracle:database_server:release_2
  1. Oracle (1) Search CVE
    1. Database Server (1) Search CVE
      1. Release_2

CWE

There is no CWE for this CVE.