返回 CVE 浏览器

CVE-2006-0270

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0170%

EPSS Percentile5.59th

Published2006年1月18日

Last Modified2026年4月16日

Vulnerability Description

Unspecified vulnerability in the Transparent Data Encryption (TDE) Wallet component of Oracle Database server 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB27. NOTE: Oracle has not disputed a reliable researcher report that TDA stores the master key without encryption, which allows local users to obtain the key via the SGA.

Affected Platforms (CPE)

📦

Oracle

Database Server

= 10.2.0.1

References & Advisories

🔗 http://secunia.com/advisories/18493

🔗 http://secunia.com/advisories/18608

🔗 http://securitytracker.com/id?1015499

🔗 http://www.kb.cert.org/vuls/id/545804

🔗 http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.html

🔗 http://www.red-database-security.com/advisory/oracle_tde_unencrypted_sga.html

🔗 http://www.securityfocus.com/archive/1/422262/30/7400/threaded

🔗 http://www.securityfocus.com/bid/16287

相关漏洞威胁

CVE-2020-2949310.0

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthentic...

CVE-2020-677910.0

Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 a...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-1999-000310.0

Execute commands as root via buffer overflow in Tooltalk database server (rpc.ttdbserverd).