|
|||
Rule General Information |
---|
Release Date: | 2014-12-11 | |
Rule Name: | Oracle Database SUBSCRIPTION_NAME Parameter SQL Injection (CVE-2005-1197) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | An SQL injection vulnerability exists in the Oracle Database Server's DBMS_CDC_SUBSCRIBE and DBMS_CDC_ISUBSCRIBE packages. This issue is caused by insufficient sanitization of user-supplied data. | |
Impact: | SQL injection | |
Affected OS: | Solaris, Linux | |
Reference: | CVE-2005-1197 |
|
Solutions |
---|
Update vendor's patch. |