Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2007-3854

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow.

  • Published: Jul 18, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-3854
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5.5
  • AV:N/AC:L/Au:S/C:P/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
oracle / database_server 10.2.0.3-r2 10.2.0.3-r2.x
oracle / application_server 10.1.2.0.2 10.1.2.0.2.x
oracle / database_server 9.0.1.5 9.0.1.5.x
oracle / peoplesoft_enterprise_customer_relationship_management 9.0 9.0.x
oracle / peoplesoft_enterprise_peopletools 8.47 8.47.x
oracle / application_server 10.1.3.2.0 10.1.3.2.0.x
oracle / application_server 10.1.3.1.0 10.1.3.1.0.x
oracle / application_server 10.1.2.1.0 10.1.2.1.0.x
oracle / peoplesoft_enterprise_peopletools 8.48 8.48.x
oracle / application_server 1.0.2.2-r2 1.0.2.2-r2.x
oracle / peoplesoft_enterprise_human_capital_management 9.0 9.0.x
oracle / secure_enterprise_search 10.1.8 10.1.8.x
oracle / apex 1.6.1 1.6.1.x
oracle / peoplesoft_enterprise_customer_relationship_management 8.9 8.9.x
oracle / database_server 9.2.0.7-r2 9.2.0.7-r2.x
oracle / e-business_suite 12.0.0 12.0.0.x
oracle / database_server 9.2.0.8-r2 9.2.0.8-r2.x
oracle / e-business_suite 11.5.10.2 11.5.10.2.x
oracle / apex 2.2 2.2.x
oracle / e-business_suite 12.0.1 12.0.1.x
oracle / application_server 9.0.4.3 9.0.4.3.x
oracle / apex 1.5.0 1.5.0.x
oracle / secure_enterprise_search 10.1.6 10.1.6.x
oracle / peoplesoft_enterprise_human_capital_management 8.9 8.9.x
oracle / application_server 10.1.2.0.1 10.1.2.0.1.x
oracle / application_server 10.1.2.2.0 10.1.2.2.0.x
oracle / database_server 10.2.0.2-r2 10.2.0.2-r2.x
oracle / application_server 10.1.3.0.0 10.1.3.0.0.x
oracle / collaboration_suite 10.1.2 10.1.2.x
oracle / e-business_suite 11.5.10 11.5.10.x
oracle / e-business_suite 11.5.8 11.5.8.x
oracle / database_server 9.2.0.8dv-r2 9.2.0.8dv-r2.x
oracle / application_server 10.1.3.3.0 10.1.3.3.0.x
oracle / peoplesoft_enterprise_peopletools 8.22 8.22.x
oracle / e-business_suite 11.5.9 11.5.9.x
oracle / database_server 10.1.0.5 10.1.0.5.x
oracle / peoplesoft_enterprise_peopletools 8.49 8.49.x
oracle / apex 2.0 2.0.x