What is CVE-2006-2081?

CVE-2006-2081 is a vulnerability in N/a. Published 2006-04-27.

Is CVE-2006-2081 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2006-2081

Oracle Database Server 10g Release 2 allows local users to execute arbitrary SQL queries via the GET_DOMAIN_INDEX_METADATA function in the DBMS_EXPORT_EXTENSION package. NOTE: this issue was originally linked to DB05 (CVE-2006-1870), but a…

EPSS: 0.643 (98.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

20060426 Recent Oracle exploit is _actually_ an 0day with no patch (mailing-list, x_refsource_BUGTRAQ)
20060427 Re: Recent Oracle exploit is _actually_ an 0day with no patch (mailing-list, x_refsource_BUGTRAQ)
www.red-database-security.com/exploits/oracle-sql-injection-oracle-dbms_export_… (x_refsource_MISC)
VU#932124 (x_refsource_CERT-VN, third-party-advisory)
19860 (x_refsource_SECUNIA, third-party-advisory)
oracle-dbmsexportextension-sql-injection(26048) (vdb-entry, x_refsource_XF)
20060419 Oracle 10g 10.2.0.2.0 DBA exploit (mailing-list, x_refsource_BUGTRAQ)
17699 (vdb-entry, x_refsource_BID)
1015999 (vdb-entry, x_refsource_SECTRACK)
20060501 RE: Oracle 10g 10.2.0.2.0 DBA exploit (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2006-2081?: CVE-2006-2081 is a vulnerability in N/a. Published 2006-04-27.
Is CVE-2006-2081 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.