Intrusion Prevention

Oracle.Database.Crafted.View.Privilege.Escalation

Description

This indicates a possible privilege escalation in Oracle Database that may allow local users with "SELECT" privileges for a database table to insert, update, or delete data by creating a crafted view, then performing the operations on that view.

Affected Products

Oracle Oracle9i Standard Edition 9.2.7
Oracle Oracle9i Standard Edition 9.2.6
Oracle Oracle9i Standard Edition 9.2.3
Oracle Oracle9i Standard Edition 9.2.2
Oracle Oracle9i Standard Edition 9.2.2
Oracle Oracle9i Standard Edition 9.2.1
Oracle Oracle9i Standard Edition 9.2.1
Oracle Oracle9i Standard Edition 9.2.0.5
Oracle Oracle9i Standard Edition 9.2.0.3
Oracle Oracle9i Standard Edition 9.2.0.2
Oracle Oracle9i Standard Edition 9.2.0.1
Oracle Oracle9i Standard Edition 9.2
Oracle Oracle9i Personal Edition 9.2.6
Oracle Oracle9i Personal Edition 9.2.0.5
Oracle Oracle9i Personal Edition 9.2.0.3
Oracle Oracle9i Personal Edition 9.2.0.2
Oracle Oracle9i Personal Edition 9.2.0.1
Oracle Oracle9i Personal Edition 9.2
Oracle Oracle9i Enterprise Edition 9.2.6
Oracle Oracle9i Enterprise Edition 9.2.0.5
Oracle Oracle9i Enterprise Edition 9.2.0.3
Oracle Oracle9i Enterprise Edition 9.2.0.2
Oracle Oracle9i Enterprise Edition 9.2.0.1
Oracle Oracle9i Enterprise Edition 9.2.0
Oracle Oracle10g Standard Edition 10.2.3
Oracle Oracle10g Standard Edition 10.2.1
Oracle Oracle10g Standard Edition 10.1.4.2
Oracle Oracle10g Standard Edition 10.1.0.5
Oracle Oracle10g Standard Edition 10.1.0.4
Oracle Oracle10g Standard Edition 10.1.0.3.1
Oracle Oracle10g Standard Edition 10.1.0.3
Oracle Oracle10g Standard Edition 10.1.0.2
Oracle Oracle10g Personal Edition 10.2.3
Oracle Oracle10g Personal Edition 10.1.0.4
Oracle Oracle10g Personal Edition 10.1.0.3.1
Oracle Oracle10g Personal Edition 10.1.0.3
Oracle Oracle10g Personal Edition 10.1.0.2
Oracle Oracle10g Enterprise Edition 10.2.3
Oracle Oracle10g Enterprise Edition 10.1.0.4
Oracle Oracle10g Enterprise Edition 10.1.0.3.1
Oracle Oracle10g Enterprise Edition 10.1.0.3
Oracle Oracle10g Enterprise Edition 10.1.0.2

Impact

Privilege escalation.

Recommended Actions

Currently we are not aware of any official supplied fix for this issue.
If you are aware of more information, please mail us: vulnwatch@fortinet.com.

CVE References

CVE-2006-1705