CVE-2006-5351
Wielokrotne nieokreślone podatności w Oracle Application Express mogą prowadzić do zdalnych ataków.
Multiple unspecified vulnerabilities in Oracle Application Express (formerly Oracle HTML DB) 1.5 up to 2.0 have unknown impact and remote attack vectors, aka Vuln# (1) APEX01, (2) APEX02, (3) APEX03, (4) APEX05, (5) APEX06, (6) APEX07, (7) APEX08, (8) APEX09, (9) APEX10, (10) APEX11, (11) APEX12, (12) APEX13, (13) APEX14, (14) APEX15, (15) APEX16, (16) APEX17, (17) APEX18, (18) APEX19, (19) APEX22, (20) APEX23, (21) APEX24, (22) APEX25, (23) APEX26, (24) APEX27, (25) APEX28, (26) APEX29, (27) APEX30, (28) APEX31, (29) APEX32, (30) APEX33, (31) APEX34, and (32) APEX35. NOTE: as of 20061027, it is likely that some of these identifiers are associated with cross-site scripting (XSS) in WWV_FLOW_ITEM_HELP and NOTIFICATION_MSG, but these have been provided separate identifiers.
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 9.0 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 0.7% |
| Opublikowano (NVD) | 2006-10-18 01:07:00 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-23 00:35:47 UTC |
- http://secunia.com/advisories/22396 (cve@mitre.org) [Vendor Advisory]
- http://securitytracker.com/id?1017077 (cve@mitre.org)
- http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html (cve@mitre.org)
- http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html (cve@mitre.org)
- http://www.securityfocus.com/archive/1/449711/100/0/threaded (cve@mitre.org)
- http://www.securityfocus.com/bid/20588 (cve@mitre.org) [Patch]
- http://www.us-cert.gov/cas/techalerts/TA06-291A.html (cve@mitre.org) [US Government Resource]
- http://www.vupen.com/english/advisories/2006/4065 (cve@mitre.org) [Vendor Advisory]