CVE-2006-0435

Published: Jan 26, 2006Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01.

Affected (40)

Products: Oracle: Application Server, Http Server

2 products

Application Server

Configuration A

40 vulnerable

Vulnerable Software	Affected Versions
Oracle Application Server	All versions
Oracle Application Server	Version 1.0.2.0
Oracle Application Server	Version 1.0.2.1
Oracle Application Server	Version 1.0.2.1s
Oracle Application Server	Version 1.0.2.2.2
Oracle Application Server	Version 1.0.2.2
Oracle Application Server	Version 1.0.2
Oracle Application Server	Version 10.1.0.2
Oracle Application Server	Version 10.1.0.3.1
Oracle Application Server	Version 10.1.0.3
Oracle Application Server	Version 10.1.0.4
Oracle Application Server	Version 10.1.2.0.2
Oracle Application Server	Version 10.1.2.1.0
Oracle Application Server	Version 10.1.2
Oracle Application Server	Version 10.1.2_.0.1
Oracle Application Server	Version 9.0.2.0.0
Oracle Application Server	Version 9.0.2.0.1
Oracle Application Server	Version 9.0.2.1
Oracle Application Server	Version 9.0.2.2
Oracle Application Server	Version 9.0.2.3
Oracle Application Server	Version 9.0.2
Oracle Application Server	Version 9.0.3.1
Oracle Application Server	Version 9.0.3
Oracle Application Server	Version 9.0.4.0
Oracle Application Server	Version 9.0.4.1
Oracle Application Server	Version 9.0.4.2
Oracle Application Server	Version 9.2.0.6
Oracle Application Server	Version 9.2.0.7
Oracle Http Server	Version 1.0.2.0
Oracle Http Server	Version 1.0.2.1
Oracle Http Server	Version 1.0.2.1s_for_apps
Oracle Http Server	Version 1.0.2.2
Oracle Http Server	Version 1.0.2.2_roll_up_2
Oracle Http Server	Version 8.1.7
Oracle Http Server	Version 9.0.1
Oracle Http Server	Version 9.0.2.3
Oracle Http Server	Version 9.0.2
Oracle Http Server	Version 9.0.3.1
Oracle Http Server	Version 9.1
Oracle Http Server	Version 9.2.0

References (50)

http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html

Source: cve@mitre.org

http://secunia.com/advisories/18621

Source: cve@mitre.org

http://secunia.com/advisories/19712

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/19859

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/402

Source: cve@mitre.org

http://securityreason.com/securityalert/403

Source: cve@mitre.org

http://securitytracker.com/id?1015544

Source: cve@mitre.org

http://securitytracker.com/id?1015961

Source: cve@mitre.org

Patch

http://www.kb.cert.org/vuls/id/169164

Source: cve@mitre.org

US Government Resource

http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html

Source: cve@mitre.org

http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html

Source: cve@mitre.org

http://www.osvdb.org/22719

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/423029/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/423673/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/423819/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/423822/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/424394/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/432267/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16384

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/0338

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/1397

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/1571

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/24363

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041899.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041742.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/18621

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/19712

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/19859

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/402

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/403

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1015544

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1015961

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.kb.cert.org/vuls/id/169164

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/22719

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/423029/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/423673/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/423819/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/423822/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/424394/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/432267/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/16384

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/0338

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2006/1397

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2006/1571

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/24363

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.