Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Apex | Oracle | 1.5.0 (including) | 1.5.0 (including) |
| Apex | Oracle | 1.6.1 (including) | 1.6.1 (including) |
| Apex | Oracle | 2.0 (including) | 2.0 (including) |
| Apex | Oracle | 2.2 (including) | 2.2 (including) |
| Application_server | Oracle | 1.0.2.2-r2 (including) | 1.0.2.2-r2 (including) |
| Application_server | Oracle | 9.0.4.3 (including) | 9.0.4.3 (including) |
| Application_server | Oracle | 10.1.2.0.1 (including) | 10.1.2.0.1 (including) |
| Application_server | Oracle | 10.1.2.0.2 (including) | 10.1.2.0.2 (including) |
| Application_server | Oracle | 10.1.2.1.0 (including) | 10.1.2.1.0 (including) |
| Application_server | Oracle | 10.1.2.2.0 (including) | 10.1.2.2.0 (including) |
| Application_server | Oracle | 10.1.3.0.0 (including) | 10.1.3.0.0 (including) |
| Application_server | Oracle | 10.1.3.1.0 (including) | 10.1.3.1.0 (including) |
| Application_server | Oracle | 10.1.3.2.0 (including) | 10.1.3.2.0 (including) |
| Application_server | Oracle | 10.1.3.3.0 (including) | 10.1.3.3.0 (including) |
| Collaboration_suite | Oracle | 10.1.2 (including) | 10.1.2 (including) |
| Database_server | Oracle | 9.0.1.5 (including) | 9.0.1.5 (including) |
| Database_server | Oracle | 9.2.0.7-r2 (including) | 9.2.0.7-r2 (including) |
| Database_server | Oracle | 9.2.0.8-r2 (including) | 9.2.0.8-r2 (including) |
| Database_server | Oracle | 9.2.0.8dv-r2 (including) | 9.2.0.8dv-r2 (including) |
| Database_server | Oracle | 10.1.0.5 (including) | 10.1.0.5 (including) |
| Database_server | Oracle | 10.2.0.2-r2 (including) | 10.2.0.2-r2 (including) |
| Database_server | Oracle | 10.2.0.3-r2 (including) | 10.2.0.3-r2 (including) |
| E-business_suite | Oracle | 11.5.8 (including) | 11.5.8 (including) |
| E-business_suite | Oracle | 11.5.9 (including) | 11.5.9 (including) |
| E-business_suite | Oracle | 11.5.10 (including) | 11.5.10 (including) |
| E-business_suite | Oracle | 11.5.10.2 (including) | 11.5.10.2 (including) |
| E-business_suite | Oracle | 12.0.0 (including) | 12.0.0 (including) |
| E-business_suite | Oracle | 12.0.1 (including) | 12.0.1 (including) |
| Peoplesoft_enterprise_customer_relationship_management | Oracle | 8.9 (including) | 8.9 (including) |
| Peoplesoft_enterprise_customer_relationship_management | Oracle | 9.0 (including) | 9.0 (including) |
| Peoplesoft_enterprise_human_capital_management | Oracle | 8.9 (including) | 8.9 (including) |
| Peoplesoft_enterprise_human_capital_management | Oracle | 9.0 (including) | 9.0 (including) |
| Peoplesoft_enterprise_peopletools | Oracle | 8.22 (including) | 8.22 (including) |
| Peoplesoft_enterprise_peopletools | Oracle | 8.47 (including) | 8.47 (including) |
| Peoplesoft_enterprise_peopletools | Oracle | 8.48 (including) | 8.48 (including) |
| Peoplesoft_enterprise_peopletools | Oracle | 8.49 (including) | 8.49 (including) |
| Secure_enterprise_search | Oracle | 10.1.6 (including) | 10.1.6 (including) |
| Secure_enterprise_search | Oracle | 10.1.8 (including) | 10.1.8 (including) |