CVE-2007-2111

CVE-2007-2111 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 allows remote authenticated users to inject arbitrary SQL commands via unknown vectors, aka DB04. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB04 is actually for multiple vulnerabilities.

Learn more about our Cis Benchmark Audit For Oracle Database.