Vulnonym.com

CVE-2006-5351 - Designed Subtotals

Description

Multiple unspecified vulnerabilities in Oracle Application Express (formerly Oracle HTML DB) 1.5 up to 2.0 have unknown impact and remote attack vectors aka Vuln (1) APEX01 (2) APEX02 (3) APEX03 (4) APEX05 (5) APEX06 (6) APEX07 (7) APEX08 (8) APEX09 (9) APEX10 (10) APEX11 (11) APEX12 (12) APEX13 (13) APEX14 (14) APEX15 (15) APEX16 (16) APEX17 (17) APEX18 (18) APEX19 (19) APEX22 (20) APEX23 (21) APEX24 (22) APEX25 (23) APEX26 (24) APEX27 (25) APEX28 (26) APEX29 (27) APEX30 (28) APEX31 (29) APEX32 (30) APEX33 (31) APEX34 and (32) APEX35. NOTE: as of 20061027 it is likely that some of these identifiers are associated with cross-site scripting (XSS) in WWV_FLOW_ITEM_HELP and NOTIFICATION_MSG but these have been provided separate identifiers.

Reference

http://www.securityfocus.com/bid/20588 http://www.red-database-security.com/advisory/oracle_cpu_oct_2006.html http://www.us-cert.gov/cas/techalerts/TA06-291A.html http://securitytracker.com/id?1017077 http://secunia.com/advisories/22396 http://www.vupen.com/english/advisories/2006/4065 http://www.oracle.com/technetwork/topics/security/cpuoct2006-095368.html http://www.securityfocus.com/archive/1/449711/100/0/threaded