CyberSec.Space Logo
Back to CVE Browser

CVE-2006-0270

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0170%
EPSS Percentile5.59th
PublishedJan 18, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB27. NOTE: Oracle has not disputed a reliable researcher report that TDA stores the master key without encryption, which allows local users to obtain the key via the SGA.

Affected Platforms (CPE)

πŸ“¦
Oracle

Database Server

= 10.2.0.1

References & Advisories

πŸ”— http://secunia.com/advisories/18493
πŸ”— http://secunia.com/advisories/18608
πŸ”— http://securitytracker.com/id?1015499
πŸ”— http://www.kb.cert.org/vuls/id/545804
πŸ”— http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html
πŸ”— http://www.red-database-security.com/advisory/oracle_tde_unencrypted_sga.html
πŸ”— http://www.securityfocus.com/archive/1/422262/30/7400/threaded
πŸ”— http://www.securityfocus.com/bid/16287

Related Vulnerabilities

CVE-2020-2949310.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthentic...

CVE-2020-677910.0

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 a...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-1999-000310.0

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).