Vulnerabilities > CVE-2007-5506 - Resource Management Errors vulnerability in Oracle Database Server

047910
CVSS 7.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
network
low complexity
oracle
CWE-399
nessus

Summary

The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20.

Common Weakness Enumeration (CWE)

Nessus

NASL familyDatabases
NASL idORACLE_RDBMS_CPU_OCT_2007.NASL
descriptionThe remote Oracle database server is missing the October 2007 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components : - Advanced Security Option - Advanced Queuing - Core RDBMS - Database Control - Export - Import - Oracle Database Vault - Oracle Help for Web - Oracle Internet Directory - Oracle Net Services - Oracle Text - Spatial - SQL Execution - XML DB - Workspace Manager
last seen2020-06-02
modified2011-11-16
plugin id56058
published2011-11-16
reporterThis script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/56058
titleOracle Database Multiple Vulnerabilities (October 2007 CPU)