Unrated severityNVD Advisory· Published May 2, 2005· Updated Jun 16, 2026
CVE-2005-1197
CVE-2005-1197
Description
SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:oracle:database_server:10.1.0.2:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:oracle:database_server:10.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:10.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:10.1.0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:10.1.0.4:*:*:*:*:*:*:*
- (no CPE)range: 10g
Patches
Vulnerability mechanics
References
4- www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdfnvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/948486nvdUS Government Resource
- www.us-cert.gov/cas/techalerts/TA05-117A.htmlnvdUS Government Resource
- marc.infonvd
News mentions
0No linked articles in our index yet.