Vulnerability Details : CVE-2007-2109
Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) Rules Manager and Expression Filter components (DB02) and (2) Oracle Streams (DB06). Note: as of 20070424, Oracle has not disputed reliable claims that DB02 is for a race condition in the RLMGR_TRUNCATE_MAINT trigger in the Rules Manager and Expression Filter components changing the AUTHID of a package from DEFINER to CURRENT_USER after a TRUNCATE call, and DB06 is for SQL injection in the DBMS_APPLY_USER_AGENT.SET_REGISTRATION_HANDLER procedure, which is later passed to the DBMS_APPLY_ADM_INTERNAL.ALTER_APPLY procedure, aka "Oracle Streams".
Vulnerability category: Sql Injection
Threat overview for CVE-2007-2109
Top countries where our scanners detected CVE-2007-2109
Top open port discovered on systems with this issue 1521
IPs affected by CVE-2007-2109 147
Threat actors abusing to this issue? Yes
Find out if you* are affected by CVE-2007-2109!
*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2007-2109
Probability of exploitation activity in the next 30 days: 0.77%
CVSS scores for CVE-2007-2109
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
References for CVE-2007-2109
US Government Resource