Vulnerability Details : CVE-2007-5511
Public exploit exists!
SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain.
Vulnerability category: Sql Injection
Exploit prediction scoring system (EPSS) score for CVE-2007-5511
Probability of exploitation activity in the next 30 days: 97.48%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2007-5511
-
Oracle DB SQL Injection via SYS.LT.FINDRICSET Evil Cursor Method
Disclosure Date: 2007-10-17First seen: 2020-04-26auxiliary/sqli/oracle/lt_findricset_cursorThis module will escalate an Oracle DB user to DBA by exploiting a sql injection bug in the SYS.LT.FINDRICSET package via Evil Cursor technique. Tested on oracle 10.1.0.3.0 -- should work on thru 10.1.0.5.0 and supposedly on 11g. Fixed with Oracle Critical
CVSS scores for CVE-2007-5511
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
CWE ids for CVE-2007-5511
-
The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-5511
-
http://securityreason.com/securityalert/3245
- http://www.vupen.com/english/advisories/2007/3524
- http://www.securitytracker.com/id?1018823
-
http://www.securityfocus.com/bid/26098
Oracle Workspace Manager LT Package SQL Injection Vulnerability
-
https://www.exploit-db.com/exploits/4572
- http://www.vupen.com/english/advisories/2007/3626
-
https://www.exploit-db.com/exploits/4570
-
https://www.exploit-db.com/exploits/4571
- http://marc.info/?l=bugtraq&m=119332677525918&w=2
-
http://www.securityfocus.com/archive/1/482429/100/0/threaded
Products affected by CVE-2007-5511
- cpe:2.3:a:oracle:database_server:*:*:*:*:*:*:*:*