Vulnerability CVE-2006-7138

Vulnerability CVE-2006-7138

Published: 2007-03-07 Modified: 2012-02-12

Description:

	Topic	Author	Date
Med.	SQL Injection Vulnerability in Oracle WWV_FLOW_UTILITIES	red-database-sec...	09.03.2007

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
6/10	6.4/10	6.8/10

Affected software
Oracle -> APEX

http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050265.html

http://securityreason.com/securityalert/2346

http://www.red-database-security.com/advisory/oracle_apex_sql_injection_wwv_flow_utilities.html

http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html

http://www.securityfocus.com/archive/1/449498/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/30106