Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Allround Automations PL/SQL Developer 安全漏洞
Vulnerability Description
Allround Automations PL/SQL Developer是荷兰Allround Automations公司的一套为Oracle数据库开发存储程序单元的集成开发环境,它提供语法加强、SQL和PL/SQL帮助、对象描述等功能。 Allround Automations PL/SQL Developer 11.0.6之前11版本中存在安全漏洞,该漏洞源于程序根据未验证的HTTP数据进行升级。攻击者可通过修改client-server数据流中的字段利用该漏洞实施中间人攻击,执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A