CVE-2005-1496 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2005-1496

The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.

Published: May 11, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-1496
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / oracle10g	personal_10.1.0.3	personal_10.1.0.3.x
oracle / oracle10g	standard_10.1.0.3.1	standard_10.1.0.3.1.x
oracle / application_server	10.1.0.3	10.1.0.3.x
oracle / oracle10g	enterprise_10.1.0.3	enterprise_10.1.0.3.x
oracle / oracle10g	enterprise_10.1.0.3.1	enterprise_10.1.0.3.1.x
oracle / oracle10g	standard_10.1.0.2	standard_10.1.0.2.x
oracle / oracle10g	personal_10.1.0.3.1	personal_10.1.0.3.1.x
oracle / oracle10g	personal_10.1.0.2	personal_10.1.0.2.x
oracle / oracle10g	standard_10.1.0.3	standard_10.1.0.3.x
oracle / oracle10g	enterprise_10.1.0.2	enterprise_10.1.0.2.x
oracle / application_server	10.1.0.2	10.1.0.2.x
oracle / application_server	10.1.0.3.1	10.1.0.3.1.x