All the vulnerabilites related to oracle - database_9i
cve-2008-3983
Vulnerability from cvelistv5
Published
2008-10-14 21:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32291 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45886 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1021050 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/2825 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.290Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "oracle-database-workspace-priv-escalation2(45886)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45886"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "oracle-database-workspace-priv-escalation2(45886)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45886"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-3983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32291"
},
{
"name": "oracle-database-workspace-priv-escalation2(45886)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45886"
},
{
"name": "1021050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-3983",
"datePublished": "2008-10-14T21:00:00",
"dateReserved": "2008-09-09T00:00:00",
"dateUpdated": "2024-08-07T10:00:42.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3984
Vulnerability from cvelistv5
Published
2008-10-14 21:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3983.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45887 | vdb-entry, x_refsource_XF | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32291 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1021050 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/2825 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.395Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-database-workspace-priv-escalation3(45887)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45887"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3983."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "oracle-database-workspace-priv-escalation3(45887)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45887"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-3984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3983."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-database-workspace-priv-escalation3(45887)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45887"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-3984",
"datePublished": "2008-10-14T21:00:00",
"dateReserved": "2008-09-09T00:00:00",
"dateUpdated": "2024-08-07T10:00:42.395Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1817
Vulnerability from cvelistv5
Published
2008-04-16 10:00
Modified
2024-08-07 08:32
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.556Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "oracle-database-sdoidx-sql-injection(42001)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42001"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "20080416 Oracle - SQL Injection in package SDO_IDX [DB07]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490920/100/0/threaded"
},
{
"name": "oracle-database-rdbms-info-disclosure(42002)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "oracle-database-sdoidx-sql-injection(42001)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42001"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "20080416 Oracle - SQL Injection in package SDO_IDX [DB07]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490920/100/0/threaded"
},
{
"name": "oracle-database-rdbms-info-disclosure(42002)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42002"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-cpu-april-2008(41858)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html"
},
{
"name": "1019855",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "oracle-database-sdoidx-sql-injection(42001)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42001"
},
{
"name": "29829",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "20080416 Oracle - SQL Injection in package SDO_IDX [DB07]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490920/100/0/threaded"
},
{
"name": "oracle-database-rdbms-info-disclosure(42002)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42002"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1817",
"datePublished": "2008-04-16T10:00:00",
"dateReserved": "2008-04-15T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2587
Vulnerability from cvelistv5
Published
2008-07-15 23:00
Modified
2024-08-07 09:05
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2008/2115 | vdb-entry, x_refsource_VUPEN | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 | vendor-advisory, x_refsource_HP | |
| http://www.vupen.com/english/advisories/2008/2109/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1020499 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/31087 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/31113 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:05:30.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "1020499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020499"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "1020499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020499"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31113"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2587",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "1020499",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020499"
},
{
"name": "31087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31113"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2587",
"datePublished": "2008-07-15T23:00:00",
"dateReserved": "2008-06-09T00:00:00",
"dateUpdated": "2024-08-07T09:05:30.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3991
Vulnerability from cvelistv5
Published
2008-10-14 21:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45894 | vdb-entry, x_refsource_XF | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32291 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1021050 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/2825 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-database-olap-dos2(45894)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45894"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "oracle-database-olap-dos2(45894)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45894"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-3991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-database-olap-dos2(45894)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45894"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-3991",
"datePublished": "2008-10-14T21:00:00",
"dateReserved": "2008-09-09T00:00:00",
"dateUpdated": "2024-08-07T10:00:42.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3974
Vulnerability from cvelistv5
Published
2009-01-14 01:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/33525 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1021561 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2009/0115 | vdb-entry, x_refsource_VUPEN | |
| http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/33177 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/51347 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33525"
},
{
"name": "1021561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "33177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33177"
},
{
"name": "51347",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/51347"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-24T10:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "33525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33525"
},
{
"name": "1021561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "33177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33177"
},
{
"name": "51347",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/51347"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-3974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33525",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33525"
},
{
"name": "1021561",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "33177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33177"
},
{
"name": "51347",
"refsource": "OSVDB",
"url": "http://osvdb.org/51347"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-3974",
"datePublished": "2009-01-14T01:00:00",
"dateReserved": "2008-09-09T00:00:00",
"dateUpdated": "2024-08-07T10:00:42.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2607
Vulnerability from cvelistv5
Published
2008-07-15 23:00
Modified
2024-08-07 09:05
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly execute arbitrary code via a long argument to an unspecified procedure.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2008/2115 | vdb-entry, x_refsource_VUPEN | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 | vendor-advisory, x_refsource_HP | |
| http://www.vupen.com/english/advisories/2008/2109/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1020499 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/31087 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/31113 | third-party-advisory, x_refsource_SECUNIA | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=726 | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:05:30.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "1020499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020499"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31113"
},
{
"name": "20080715 Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=726"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly execute arbitrary code via a long argument to an unspecified procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "1020499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020499"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31113"
},
{
"name": "20080715 Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=726"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2607",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly execute arbitrary code via a long argument to an unspecified procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "1020499",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020499"
},
{
"name": "31087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31113"
},
{
"name": "20080715 Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=726"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2607",
"datePublished": "2008-07-15T23:00:00",
"dateReserved": "2008-06-09T00:00:00",
"dateUpdated": "2024-08-07T09:05:30.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3999
Vulnerability from cvelistv5
Published
2009-01-14 01:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/33525 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1021561 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2009/0115 | vdb-entry, x_refsource_VUPEN | |
| http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html | x_refsource_CONFIRM | |
| http://osvdb.org/51349 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/33177 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33525"
},
{
"name": "1021561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "51349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/51349"
},
{
"name": "33177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-24T10:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "33525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33525"
},
{
"name": "1021561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "51349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/51349"
},
{
"name": "33177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-3999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33525",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33525"
},
{
"name": "1021561",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "51349",
"refsource": "OSVDB",
"url": "http://osvdb.org/51349"
},
{
"name": "33177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-3999",
"datePublished": "2009-01-14T01:00:00",
"dateReserved": "2008-09-09T00:00:00",
"dateUpdated": "2024-08-07T10:00:42.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-5437
Vulnerability from cvelistv5
Published
2009-01-14 01:00
Modified
2024-08-07 10:56
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_IJOB.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/33525 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/51352 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1021561 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2009/0115 | vdb-entry, x_refsource_VUPEN | |
| http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/33177 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:46.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33525"
},
{
"name": "51352",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/51352"
},
{
"name": "1021561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "33177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_IJOB."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-24T10:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "33525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33525"
},
{
"name": "51352",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/51352"
},
{
"name": "1021561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "33177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-5437",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_IJOB."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33525",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33525"
},
{
"name": "51352",
"refsource": "OSVDB",
"url": "http://osvdb.org/51352"
},
{
"name": "1021561",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "33177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-5437",
"datePublished": "2009-01-14T01:00:00",
"dateReserved": "2008-12-11T00:00:00",
"dateUpdated": "2024-08-07T10:56:46.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1813
Vulnerability from cvelistv5
Published
2008-04-16 10:00
Modified
2024-08-07 08:32
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html"
},
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "oracle-database-sdogeom-sql-injection(41993)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41993"
},
{
"name": "oracle-database-queryop-default-password(41995)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41995"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "20080416 Oracle - SQL Injection in package SDO_GEOM [DB06]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490919/100/0/threaded"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "oracle-database-export-info-disclosure(41994)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41994"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "oracle-database-corerdbms-unspecified(41992)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41992"
},
{
"name": "oracle-database-dbmsaq-unspecified(41991)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41991"
},
{
"name": "20080416 Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490950/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html"
},
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "oracle-database-sdogeom-sql-injection(41993)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41993"
},
{
"name": "oracle-database-queryop-default-password(41995)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41995"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "20080416 Oracle - SQL Injection in package SDO_GEOM [DB06]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490919/100/0/threaded"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "oracle-database-export-info-disclosure(41994)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41994"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "oracle-database-corerdbms-unspecified(41992)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41992"
},
{
"name": "oracle-database-dbmsaq-unspecified(41991)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41991"
},
{
"name": "20080416 Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490950/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1813",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html"
},
{
"name": "oracle-cpu-april-2008(41858)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html"
},
{
"name": "ADV-2008-1233",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "oracle-database-sdogeom-sql-injection(41993)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41993"
},
{
"name": "oracle-database-queryop-default-password(41995)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41995"
},
{
"name": "1019855",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "20080416 Oracle - SQL Injection in package SDO_GEOM [DB06]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490919/100/0/threaded"
},
{
"name": "29829",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "oracle-database-export-info-disclosure(41994)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41994"
},
{
"name": "29874",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "oracle-database-corerdbms-unspecified(41992)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41992"
},
{
"name": "oracle-database-dbmsaq-unspecified(41991)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41991"
},
{
"name": "20080416 Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490950/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1813",
"datePublished": "2008-04-16T10:00:00",
"dateReserved": "2008-04-15T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2591
Vulnerability from cvelistv5
Published
2008-07-15 23:00
Modified
2024-08-07 09:05
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2008/2115 | vdb-entry, x_refsource_VUPEN | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 | vendor-advisory, x_refsource_HP | |
| http://www.vupen.com/english/advisories/2008/2109/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1020499 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/31087 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/31113 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:05:30.223Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "1020499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020499"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "1020499",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020499"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31113"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "1020499",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020499"
},
{
"name": "31087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31113"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2591",
"datePublished": "2008-07-15T23:00:00",
"dateReserved": "2008-06-09T00:00:00",
"dateUpdated": "2024-08-07T09:05:30.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0984
Vulnerability from cvelistv5
Published
2009-04-15 10:00
Modified
2024-08-07 04:57
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/34461 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/34693 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.us-cert.gov/cas/techalerts/TA09-105A.html | third-party-advisory, x_refsource_CERT | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1022052 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "1022052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-18T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "1022052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2009-0984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "1022052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2009-0984",
"datePublished": "2009-04-15T10:00:00",
"dateReserved": "2009-03-19T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2625
Vulnerability from cvelistv5
Published
2008-10-14 21:00
Modified
2024-08-07 09:05
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/497539/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45880 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/32291 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1021050 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/2825 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:05:30.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20081019 CVE-2008-2625: Oracle DBMS ? Proxy Authentication Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497539/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "oracle-db-corerdbms-unauth-access(45880)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45880"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20081019 CVE-2008-2625: Oracle DBMS ? Proxy Authentication Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497539/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "oracle-db-corerdbms-unauth-access(45880)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45880"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20081019 CVE-2008-2625: Oracle DBMS ? Proxy Authentication Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497539/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "oracle-db-corerdbms-unauth-access(45880)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45880"
},
{
"name": "32291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2625",
"datePublished": "2008-10-14T21:00:00",
"dateReserved": "2008-06-09T00:00:00",
"dateUpdated": "2024-08-07T09:05:30.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-5436
Vulnerability from cvelistv5
Published
2009-01-14 01:00
Modified
2024-08-07 10:56
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/33525 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1021561 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2009/0115 | vdb-entry, x_refsource_VUPEN | |
| http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html | x_refsource_CONFIRM | |
| http://osvdb.org/51346 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/33177 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:46.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33525"
},
{
"name": "1021561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "51346",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/51346"
},
{
"name": "33177",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33177"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-24T10:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "33525",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33525"
},
{
"name": "1021561",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "51346",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/51346"
},
{
"name": "33177",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33177"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-5436",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33525",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33525"
},
{
"name": "1021561",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"name": "ADV-2009-0115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"name": "51346",
"refsource": "OSVDB",
"url": "http://osvdb.org/51346"
},
{
"name": "33177",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33177"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-5436",
"datePublished": "2009-01-14T01:00:00",
"dateReserved": "2008-12-11T00:00:00",
"dateUpdated": "2024-08-07T10:56:46.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0979
Vulnerability from cvelistv5
Published
2009-04-15 10:00
Modified
2024-08-07 04:57
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/34461 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/34693 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.us-cert.gov/cas/techalerts/TA09-105A.html | third-party-advisory, x_refsource_CERT | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1022052 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "1022052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-04-18T09:00:00",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "1022052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2009-0979",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "1022052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2009-0979",
"datePublished": "2009-04-15T10:00:00",
"dateReserved": "2009-03-19T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3976
Vulnerability from cvelistv5
Published
2008-10-14 21:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-3413 and CVE-2009-3414.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32291 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45882 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1021050 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/2825 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "oracle-database-spatial-priv-escalation(45882)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45882"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-3413 and CVE-2009-3414."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "oracle-database-spatial-priv-escalation(45882)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45882"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-3976",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-3413 and CVE-2009-3414."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32291"
},
{
"name": "oracle-database-spatial-priv-escalation(45882)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45882"
},
{
"name": "1021050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-3976",
"datePublished": "2008-10-14T21:00:00",
"dateReserved": "2008-09-09T00:00:00",
"dateUpdated": "2024-08-07T10:00:42.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2595
Vulnerability from cvelistv5
Published
2008-07-15 23:00
Modified
2024-08-07 09:05
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2008/2115 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1020494 | vdb-entry, x_refsource_SECTRACK | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 | vendor-advisory, x_refsource_HP | |
| http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 | vendor-advisory, x_refsource_HP | |
| http://www.vupen.com/english/advisories/2008/2109/references | vdb-entry, x_refsource_VUPEN | |
| https://www.exploit-db.com/exploits/6101 | exploit, x_refsource_EXPLOIT-DB | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725 | third-party-advisory, x_refsource_IDEFENSE | |
| http://secunia.com/advisories/31087 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/31113 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:05:30.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "1020494",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020494"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "6101",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6101"
},
{
"name": "20080715 Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "1020494",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020494"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "6101",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6101"
},
{
"name": "20080715 Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725"
},
{
"name": "31087",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31113"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2595",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"name": "ADV-2008-2115",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"name": "1020494",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020494"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"name": "ADV-2008-2109",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"name": "6101",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6101"
},
{
"name": "20080715 Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725"
},
{
"name": "31087",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31087"
},
{
"name": "31113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31113"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2595",
"datePublished": "2008-07-15T23:00:00",
"dateReserved": "2008-06-09T00:00:00",
"dateUpdated": "2024-08-07T09:05:30.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3982
Vulnerability from cvelistv5
Published
2008-10-14 21:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3983 and CVE-2008-3984.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32291 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1021050 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/2825 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45885 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:41.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"name": "oracle-database-workspace-priv-escalation1(45885)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45885"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3983 and CVE-2008-3984."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"name": "oracle-database-workspace-priv-escalation1(45885)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45885"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-3982",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3983 and CVE-2008-3984."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"name": "oracle-database-workspace-priv-escalation1(45885)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45885"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-3982",
"datePublished": "2008-10-14T21:00:00",
"dateReserved": "2008-09-09T00:00:00",
"dateUpdated": "2024-08-07T10:00:41.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1819
Vulnerability from cvelistv5
Published
2008-04-16 10:00
Modified
2024-08-07 08:32
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle Net Services component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka DB09.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42033 | vdb-entry, x_refsource_XF | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41858 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/1267/references | vdb-entry, x_refsource_VUPEN | |
| http://www.vupen.com/english/advisories/2008/1233/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1019855 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/29829 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/491024/100/0/threaded | vendor-advisory, x_refsource_HP | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/29874 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/491024/100/0/threaded | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-database-net-unspecified(42033)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42033"
},
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Net Services component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka DB09."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oracle-database-net-unspecified(42033)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42033"
},
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1819",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Net Services component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka DB09."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-database-net-unspecified(42033)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42033"
},
{
"name": "oracle-cpu-april-2008(41858)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "1019855",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "29829",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1819",
"datePublished": "2008-04-16T10:00:00",
"dateReserved": "2008-04-15T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3994
Vulnerability from cvelistv5
Published
2008-10-14 21:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45898 | vdb-entry, x_refsource_XF | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32291 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1021050 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/2825 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-database-workspaceman-priv-escalation(45898)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "oracle-database-workspaceman-priv-escalation(45898)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-3994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-database-workspaceman-priv-escalation(45898)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-3994",
"datePublished": "2008-10-14T21:00:00",
"dateReserved": "2008-09-09T00:00:00",
"dateUpdated": "2024-08-07T10:00:42.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1820
Vulnerability from cvelistv5
Published
2008-04-16 10:00
Modified
2024-08-07 08:32
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Data Pump component in Oracle Database 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote attack vectors related to KUPF$FILE_INT, aka DB11. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB11 is for a buffer overflow in the SYS.KUPF$FILE_INT.GET_FULL_FILENAME procedure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41858 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/1267/references | vdb-entry, x_refsource_VUPEN | |
| http://www.vupen.com/english/advisories/2008/1233/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/491524/30/390/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42036 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1019855 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/29829 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/491024/100/0/threaded | vendor-advisory, x_refsource_HP | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/29874 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/491024/100/0/threaded | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "20080501 Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491524/30/390/threaded"
},
{
"name": "oracle-database-datapump-dos(42036)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42036"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Data Pump component in Oracle Database 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote attack vectors related to KUPF$FILE_INT, aka DB11. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB11 is for a buffer overflow in the SYS.KUPF$FILE_INT.GET_FULL_FILENAME procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "20080501 Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/491524/30/390/threaded"
},
{
"name": "oracle-database-datapump-dos(42036)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42036"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Data Pump component in Oracle Database 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote attack vectors related to KUPF$FILE_INT, aka DB11. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB11 is for a buffer overflow in the SYS.KUPF$FILE_INT.GET_FULL_FILENAME procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-cpu-april-2008(41858)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "20080501 Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME (DB11)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/491524/30/390/threaded"
},
{
"name": "oracle-database-datapump-dos(42036)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42036"
},
{
"name": "1019855",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "29829",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1820",
"datePublished": "2008-04-16T10:00:00",
"dateReserved": "2008-04-15T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0977
Vulnerability from cvelistv5
Published
2009-04-15 10:00
Modified
2024-08-07 04:57
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is SQL injection in the GRANT_TYPE_ACCESS procedure in the DBMS_AQADM_SYS package.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/34461 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/34693 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.us-cert.gov/cas/techalerts/TA09-105A.html | third-party-advisory, x_refsource_CERT | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html | x_refsource_CONFIRM | |
| http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqadm_sys.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/502727/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1022052 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.149Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqadm_sys.html"
},
{
"name": "20090416 SQL Injection in package DBMS_AQADM_SYS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502727/100/0/threaded"
},
{
"name": "1022052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022052"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is SQL injection in the GRANT_TYPE_ACCESS procedure in the DBMS_AQADM_SYS package."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqadm_sys.html"
},
{
"name": "20090416 SQL Injection in package DBMS_AQADM_SYS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502727/100/0/threaded"
},
{
"name": "1022052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022052"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2009-0977",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is SQL injection in the GRANT_TYPE_ACCESS procedure in the DBMS_AQADM_SYS package."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqadm_sys.html",
"refsource": "MISC",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqadm_sys.html"
},
{
"name": "20090416 SQL Injection in package DBMS_AQADM_SYS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502727/100/0/threaded"
},
{
"name": "1022052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022052"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2009-0977",
"datePublished": "2009-04-15T10:00:00",
"dateReserved": "2009-03-19T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.149Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1812
Vulnerability from cvelistv5
Published
2008-04-16 10:00
Modified
2024-08-07 08:32
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41989 | vdb-entry, x_refsource_XF | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41858 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/1267/references | vdb-entry, x_refsource_VUPEN | |
| http://www.vupen.com/english/advisories/2008/1233/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1019855 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/29829 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/491024/100/0/threaded | vendor-advisory, x_refsource_HP | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/29874 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/491024/100/0/threaded | vendor-advisory, x_refsource_HP |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-enterprise-manager-unspecified(41989)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41989"
},
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oracle-enterprise-manager-unspecified(41989)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41989"
},
{
"name": "oracle-cpu-april-2008(41858)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "1019855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "29829",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1812",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-enterprise-manager-unspecified(41989)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41989"
},
{
"name": "oracle-cpu-april-2008(41858)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"name": "ADV-2008-1267",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"name": "ADV-2008-1233",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"name": "1019855",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"name": "29829",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29829"
},
{
"name": "HPSBMA02133",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"name": "29874",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29874"
},
{
"name": "SSRT061201",
"refsource": "HP",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1812",
"datePublished": "2008-04-16T10:00:00",
"dateReserved": "2008-04-15T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0991
Vulnerability from cvelistv5
Published
2009-04-15 10:00
Modified
2024-08-07 04:57
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/34461 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/34693 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.us-cert.gov/cas/techalerts/TA09-105A.html | third-party-advisory, x_refsource_CERT | |
| http://osvdb.org/53737 | vdb-entry, x_refsource_OSVDB | |
| http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1022052 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50026 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:57:17.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"name": "53737",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/53737"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "1022052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022052"
},
{
"name": "oracledatabase-tnslistener-dos(50026)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50026"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "34461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"name": "53737",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/53737"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "1022052",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022052"
},
{
"name": "oracledatabase-tnslistener-dos(50026)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50026"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2009-0991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"name": "34693",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34693"
},
{
"name": "TA09-105A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"name": "53737",
"refsource": "OSVDB",
"url": "http://osvdb.org/53737"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"name": "1022052",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022052"
},
{
"name": "oracledatabase-tnslistener-dos(50026)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50026"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2009-0991",
"datePublished": "2009-04-15T10:00:00",
"dateReserved": "2009-03-19T00:00:00",
"dateUpdated": "2024-08-07T04:57:17.524Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3990
Vulnerability from cvelistv5
Published
2008-10-14 21:00
Modified
2024-08-07 10:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3991.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45893 | vdb-entry, x_refsource_XF | |
| http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32291 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1021050 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/2825 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:42.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-database-olap-dos1(45893)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45893"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3991."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "oracle-database-olap-dos1(45893)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45893"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2008-3990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3991."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-database-olap-dos1(45893)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45893"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"name": "32291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32291"
},
{
"name": "1021050",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"name": "ADV-2008-2825",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2825"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2008-3990",
"datePublished": "2008-10-14T21:00:00",
"dateReserved": "2008-09-09T00:00:00",
"dateUpdated": "2024-08-07T10:00:42.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-07-15 23:41
Modified
2024-11-21 00:47
Severity ?
Summary
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly execute arbitrary code via a long argument to an unspecified procedure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | advanced_queuing_component | * | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_server | 10.1.0.5 | |
| oracle | database_server | 10.2.0.4 | |
| oracle | database_server | 11.1.0.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:advanced_queuing_component:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD3DD8C1-F3FB-4E6C-AD9A-1D4D145CB34E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:dv:*:*:*:*:*:*",
"matchCriteriaId": "5949CA3A-7B77-44D1-9232-361B82E1400B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "03A522A3-07D7-481F-A538-EA3D13256F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4AC251D-9313-4A54-9623-51DC0AEC46FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF3BD5-BA86-485A-9E78-A5F95B1ECEBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly execute arbitrary code via a long argument to an unspecified procedure."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el componente Advanced Queuing en Database de Oracle versiones 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 y 11.1.0.6, presenta un impacto desconocido y vectores de ataque autenticados remotos relacionados con SYS.DBMS_AQELM. NOTA: la informaci\u00f3n anterior fue obtenida de la CPU de julio de 2008 de Oracle. Oracle no ha comentado sobre las afirmaciones de un investigador confiable de que este problema es un desbordamiento de b\u00fafer que permite a atacantes causar una denegaci\u00f3n de servicio (corrupci\u00f3n de base de datos) y posiblemente ejecutar c\u00f3digo arbitrario por medio de un argumento largo en un procedimiento no especificado."
}
],
"id": "CVE-2008-2607",
"lastModified": "2024-11-21T00:47:16.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-07-15T23:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=726"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31087"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31113"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020499"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020499"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2115"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-16 10:05
Modified
2024-11-21 00:45
Severity ?
Summary
Unspecified vulnerability in the Oracle Net Services component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka DB09.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_server | 10.1.0.5 | |
| oracle | database_server | 10.2.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "03A522A3-07D7-481F-A538-EA3D13256F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Net Services component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors, aka DB09."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Oracle Net Services en Oracle Database 9.2.0.8, 10.1.0.5 y 10.2.0.3 tiene impacto y vectores de ataque locales desconocidos, tambi\u00e9n conocido como DB09."
}
],
"id": "CVE-2008-1819",
"lastModified": "2024-11-21T00:45:25.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-16T10:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29829"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29874"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42033"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-07-15 23:41
Modified
2024-11-21 00:47
Severity ?
Summary
Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_9i | 9.2.0.8dv | |
| oracle | database_server | 10.2.0.3 | |
| oracle | database_server | 11.1.0.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF3BD5-BA86-485A-9E78-A5F95B1ECEBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el Componente Oracle Database Vault en Oracle Database 9.2.0.8DV, 10.2.0.3, y 11.1.0.6, tiene vectores de ataque e impacto desconocidos."
}
],
"id": "CVE-2008-2591",
"lastModified": "2024-11-21T00:47:14.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-07-15T23:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31087"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31113"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020499"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020499"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2115"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:11
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3983.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.3 | |
| oracle | database_11i | 11.1.0.6 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_11i:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A56D3F-26C0-465B-9347-70D6EC53F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3983."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Workspace Manager en Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad, relacionado con SYS.LT y WMSYS.LT, una vulnerabilidad diferente a CVE-2008-3982 y CVE-2008-3983."
}
],
"id": "CVE-2008-3984",
"lastModified": "2024-11-21T00:50:38.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:11:11.050",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Not Applicable"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45887"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:11
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-3413 and CVE-2009-3414.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.3 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-3413 and CVE-2009-3414."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Workspace Manager en Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad, relacionado con SYS.LT y WMSYS.LT, una vulnerabilidad diferente a CVE-2008-3982 y CVE-2008-3983."
}
],
"id": "CVE-2008-3976",
"lastModified": "2024-11-21T00:50:37.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:11:10.940",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Not Applicable"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45882"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-14 01:30
Modified
2024-11-21 00:54
Severity ?
Summary
Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_IJOB.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.4 | |
| oracle | database_11i | 11.1.0.6 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7940F99-44F2-499B-ABEC-997B9BF7EE1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_11i:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A56D3F-26C0-465B-9347-70D6EC53F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:dv:*:*:*:*:*:*",
"matchCriteriaId": "5949CA3A-7B77-44D1-9232-361B82E1400B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Job Queue component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_IJOB."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Job Queue de Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 y 11.1.0.6, permite a usuarios autenticados en remoto comprometer la confidencialidad e integridad; relacionada con DBMS_IJOB."
}
],
"id": "CVE-2008-5437",
"lastModified": "2024-11-21T00:54:06.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-14T01:30:00.610",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/51352"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/33525"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/33177"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/51352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0115"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:11
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3990."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Oracle OLAP en Oracle Database 9.2.08, 9.2.0.8DV y 10.1.0.5 permite a usuarios remotos autenticados afectar la disponibilidad, relacionado con OLAPSYS.CWM2_OLAP_AW_AWUTIL, una vulnerabilidad diferente a CVE-2008-3990."
}
],
"id": "CVE-2008-3991",
"lastModified": "2024-11-21T00:50:38.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:11:11.207",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/32291"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45894"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-16 10:05
Modified
2024-11-21 00:45
Severity ?
Summary
Unspecified vulnerability in the Data Pump component in Oracle Database 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote attack vectors related to KUPF$FILE_INT, aka DB11. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB11 is for a buffer overflow in the SYS.KUPF$FILE_INT.GET_FULL_FILENAME procedure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.3 | |
| oracle | database_11g | 11.1.0.6 | |
| oracle | database_9i | 9.2.0.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_11g:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2E2826-26E2-4AFD-808B-04C9D8FA5FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Data Pump component in Oracle Database 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote attack vectors related to KUPF$FILE_INT, aka DB11. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB11 is for a buffer overflow in the SYS.KUPF$FILE_INT.GET_FULL_FILENAME procedure."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el componente Data Pump en Oracle Database versiones 9.2.0.8, 10.1.0.5, 10.2.0.3 y 11.1.0.6, presenta un impacto desconocido y vectores de ataque remotos relacionados con KUPF$FILE_INT, tambi\u00e9n se conoce como DB11. NOTA: la informaci\u00f3n anterior fue obtenida de la CPU de abril de 2008. Oracle no ha comentado sobre las afirmaciones de investigadores confiables que DB11 es para un desbordamiento de b\u00fafer en el procedimiento SYS. KUPF$FILE_INT. GET_FULL_FILENAME."
}
],
"id": "CVE-2008-1820",
"lastModified": "2024-11-21T00:45:25.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-16T10:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29829"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29874"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491524/30/390/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491524/30/390/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42036"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:11
Modified
2024-11-21 00:47
Severity ?
Summary
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.2 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62D38CEF-DC3A-4467-BB9E-1B3DF0DEEFCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode."
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el componente Core RDBMS en Oracle Database versiones 9.2.0.8, 9.2.0.8DV, 10.1.0.5 y 10.2.0.2, permite a los atacantes remotos afectar a la confidencialidad y la integridad por medio de vectores desconocidos. NOTA: la informaci\u00f3n anterior fue obtenida de la CPU de octubre 2008 de Oracle. Oracle no ha comentado sobre las afirmaciones de un investigador confiable que este problema implica una omisi\u00f3n de autenticaci\u00f3n mediante el establecimiento de una conexi\u00f3n TNS y la suplantaci\u00f3n de una sesi\u00f3n de usuario por medio de un mensaje de autenticaci\u00f3n dise\u00f1ado durante el modo de autenticaci\u00f3n del proxy."
}
],
"id": "CVE-2008-2625",
"lastModified": "2024-11-21T00:47:19.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:11:10.897",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497539/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497539/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45880"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-15 10:30
Modified
2024-11-21 01:01
Severity ?
Summary
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Resource Manager en Oracle Database v9.2.0.8 y v9.2.0.8DV permite a usuarios remotos autenticados afectar a la confidencialidad, integridadad y disponibilidad mediante vectores desconocidos."
}
],
"id": "CVE-2009-0979",
"lastModified": "2024-11-21T01:01:23.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-15T10:30:00.437",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/34693"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1022052"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-14 01:30
Modified
2024-11-21 00:54
Severity ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.4 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7940F99-44F2-499B-ABEC-997B9BF7EE1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:dv:*:*:*:*:*:*",
"matchCriteriaId": "5949CA3A-7B77-44D1-9232-361B82E1400B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente Oracle OLAP en Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5 y 10.2.0.4, permite a usuarios autenticados comprometer la integridad y disponibilidad a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2008-5436",
"lastModified": "2024-11-21T00:54:06.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-14T01:30:00.593",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/51346"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/33525"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/33177"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/51346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0115"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:11
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3991.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL, a different vulnerability than CVE-2008-3991."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Oracle OLAP en Oracle Database 9.2.08, 9.2.0.8DV y 10.1.0.5 permite a usuarios remotos autenticados afectar la disponibilidad, relacionado con OLAPSYS.CWM2_OLAP_AW_AWUTIL, una vulnerabilidad diferente a CVE-2008-3991."
}
],
"id": "CVE-2008-3990",
"lastModified": "2024-11-21T00:50:38.803",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:11:11.177",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45893"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-16 10:05
Modified
2024-11-21 00:45
Severity ?
Summary
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_9i | 9.2.0.8dv | |
| oracle | database_server | 9.0.1.5 | |
| oracle | database_server | 10.1.0.5 | |
| oracle | database_server | 10.2.0.3 | |
| oracle | database_server | 11.1.0.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*",
"matchCriteriaId": "D86DC2E3-3B89-4FAC-9B8F-DC629B50ADC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "03A522A3-07D7-481F-A538-EA3D13256F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF3BD5-BA86-485A-9E78-A5F95B1ECEBA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6, presenta un impacto desconocido y vectores de ataque remotos relacionados con (1) SDO_IDX en el componente Spatial, tambi\u00e9n se conoce como DB07; y (2) Core RDBMS, tambi\u00e9n se conoce como DB10. NOTA: la informaci\u00f3n anterior fue obtenida de la CPU de Oracle. Oracle no ha comentado sobre las afirmaciones de investigadores confiables que DB07 es inyecci\u00f3n SQL."
}
],
"id": "CVE-2008-1817",
"lastModified": "2024-11-21T00:45:25.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-16T10:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29829"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29874"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/490920/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42001"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490920/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42002"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-07-15 23:41
Modified
2024-11-21 00:47
Severity ?
Summary
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.2.3 | |
| oracle | database_10g | 10.1.4.2 | |
| oracle | database_9i | 9.0.4.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA4C2F5-D4B8-4597-8840-566A737B78E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2114C0F-6C86-4B37-B32C-60305D4F7920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "11A2E6FB-8454-4677-943A-AF41FB7E8993",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el Componente Internet Directory de Oracle Application Server 9.0.4.3, 10.1.2.3, y 10.1.4.2, tienen un impacto y vectores de ataque desconocidos. NOTA: la informaci\u00f3n previa se ha obtenido de Oraclew July 2008 CPU.\r\nOracle no ha comentado al investigador oficial que puede tratarse de una denegaci\u00f3n de servicio (ca\u00edda) provocada por una petici\u00f3n LDAP mal formada que dispara una deferencia a un puntero NULL."
}
],
"id": "CVE-2008-2595",
"lastModified": "2024-11-21T00:47:14.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-07-15T23:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31087"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31113"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020494"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/6101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/6101"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-15 10:30
Modified
2024-11-21 01:01
Severity ?
Summary
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is SQL injection in the GRANT_TYPE_ACCESS procedure in the DBMS_AQADM_SYS package.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.3 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_AQIN. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is SQL injection in the GRANT_TYPE_ACCESS procedure in the DBMS_AQADM_SYS package."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Advanced Queuing en Oracle Database v9.2.0.8, v9.2.0.8DV, v10.1.0.5 y v10.2.0.3 permite a usuarios remotos autenticados afectar a la confidencialidad y la integridadad, en relaci\u00f3n con DBMS_AQIN."
}
],
"id": "CVE-2009-0977",
"lastModified": "2024-11-21T01:01:23.097",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-15T10:30:00.407",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/34693"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqadm_sys.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/archive/1/502727/100/0/threaded"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1022052"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_aqadm_sys.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502727/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-07-15 23:41
Modified
2024-11-21 00:47
Severity ?
Summary
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | advanced_replication | * | |
| oracle | database_9i | 9.0.1.5 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | advanced_replication | * | |
| oracle | database_server | 10.1.0.5 | |
| oracle | database_server | 10.2.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:advanced_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8263AE39-B1BA-405C-8AFE-40CF0672B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.0.1.5:*:fips\\+:*:*:*:*:*",
"matchCriteriaId": "6C64DE7C-5A32-4C73-8A3D-4B646FB24D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:dv:*:*:*:*:*:*",
"matchCriteriaId": "5949CA3A-7B77-44D1-9232-361B82E1400B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:advanced_replication:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8263AE39-B1BA-405C-8AFE-40CF0672B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "03A522A3-07D7-481F-A538-EA3D13256F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Advanced Replication component de Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, y 10.2.0.3 tiene un impacto desconocido y vectores de ataque locales."
}
],
"id": "CVE-2008-2587",
"lastModified": "2024-11-21T00:47:13.480",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 1.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-07-15T23:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31087"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31113"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020499"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020499"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2109/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2115"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:11
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.3 | |
| oracle | database_11i | 11.1.0.6 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_11i:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A56D3F-26C0-465B-9347-70D6EC53F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Workspace Manager en Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad, relacionado con SYS.LT y WMSYS.LT, una vulnerabilidad diferente a CVE-2008-3982 y CVE-2008-3984."
}
],
"id": "CVE-2008-3983",
"lastModified": "2024-11-21T00:50:37.997",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:11:11.037",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Not Applicable"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45886"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-16 10:05
Modified
2024-11-21 00:45
Severity ?
Summary
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | application_server | 9.0.4.3 | |
| oracle | database_9i | 9.0.1.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA9867F-D7BC-4230-9584-C2FBB6642482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.0.1.5:*:fips\\+:*:*:*:*:*",
"matchCriteriaId": "6C64DE7C-5A32-4C73-8A3D-4B646FB24D0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente Oracle Enterprise Manager en Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2 y Enterprise Manager para AS 1.0.2.2 y Database 9.0.1.5 tiene impacto y vectores de ataque locales desconocidos, tambi\u00e9n conocido como EM01."
}
],
"id": "CVE-2008-1812",
"lastModified": "2024-11-21T00:45:24.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-16T10:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29829"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29874"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41989"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41989"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:11
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.3 | |
| oracle | database_11i | 11.1.0.6 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_11i:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A56D3F-26C0-465B-9347-70D6EC53F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente Workspace Manager de Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6 permite a un atacante remoto comprometer la confidencialidad y la integridad, en relaci\u00f3n con WMSYS.LTADM."
}
],
"id": "CVE-2008-3994",
"lastModified": "2024-11-21T00:50:39.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:11:11.270",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:11
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3983 and CVE-2008-3984.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.3 | |
| oracle | database_11i | 11.1.0.6 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_11i:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A56D3F-26C0-465B-9347-70D6EC53F74E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3983 and CVE-2008-3984."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Workspace Manager en Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad, relacionado con SYS.LT y WMSYS.LT, una vulnerabilidad diferente a CVE-2008-3983 y CVE-2008-3984."
}
],
"id": "CVE-2008-3982",
"lastModified": "2024-11-21T00:50:37.887",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:11:11.020",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Not Applicable"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://secunia.com/advisories/32291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1021050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.vupen.com/english/advisories/2008/2825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45885"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-14 01:30
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:dv:*:*:*:*:*:*",
"matchCriteriaId": "5949CA3A-7B77-44D1-9232-361B82E1400B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente Oracle OLAP en Oracle Database v9.2.0.8, v9.2.0.8DV, y v10.1.0.5 permite a usuarios autenticados remotamente afectar a la disponibilidad, relacionado con SYS.OLAPIMPL_T."
}
],
"id": "CVE-2008-3999",
"lastModified": "2024-11-21T00:50:39.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-14T01:30:00.547",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/51349"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/33525"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/33177"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/51349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0115"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-15 10:30
Modified
2024-11-21 01:01
Severity ?
Summary
Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.2.0.4 | |
| oracle | database_11g | 11.1.0.6 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7940F99-44F2-499B-ABEC-997B9BF7EE1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_11g:11.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2E2826-26E2-4AFD-808B-04C9D8FA5FF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_SYS_SQL."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Database Vault en Oracle Database v9.2.0.8DV, v10.2.0.4 y v11.1.0.6 permite a usuarios remotos autenticados afectar a la confidencialidad y la integridad, en relaci\u00f3n con DBMS_SYS_SQL."
}
],
"id": "CVE-2009-0984",
"lastModified": "2024-11-21T01:01:23.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-15T10:30:00.530",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/34693"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1022052"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-16 10:05
Modified
2024-11-21 00:45
Severity ?
Summary
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_9i | 9.0.1.5 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv | |
| oracle | database_server | 9.0.1.5 | |
| oracle | database_server | 10.1.0.5 | |
| oracle | database_server | 10.2.0.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBBD94E-B3C9-43F4-BFF5-D4E445B75585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*",
"matchCriteriaId": "D86DC2E3-3B89-4FAC-9B8F-DC629B50ADC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "03A522A3-07D7-481F-A538-EA3D13256F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5 y 10.2.0.3, presentan un impacto desconocido y vectores de ataque remotos no autenticados o autenticados relacionados con (1) SYS. DBMS_AQ en el componente Advanced Queue Server, tambi\u00e9n se conoce como DB01; (2) Core RDBMS, tambi\u00e9n se conoce como DB03; (3) SDO_GEOM en Oracle Spatial, tambi\u00e9n se conoce como DB06; (4) Export, tambi\u00e9n se conoce como DB12; y (5) DBMS_STATS en el Query Optimizer , tambi\u00e9n se conoce como DB13. NOTA: la informaci\u00f3n anterior fue obtenida de la CPU de Oracle. Oracle no ha comentado sobre las afirmaciones de investigadores confiables de que DB06 es inyecci\u00f3n SQL y DB13 se produce cuando se restablece la cuenta OUTLN para utilizar una contrase\u00f1a embebida."
}
],
"id": "CVE-2008-1813",
"lastModified": "2024-11-21T00:45:24.517",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-16T10:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29829"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29874"
},
{
"source": "cve@mitre.org",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/490919/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/490950/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41991"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41992"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41993"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41994"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490919/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490950/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1233/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/1267/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41992"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41993"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41995"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-15 10:30
Modified
2024-11-21 01:01
Severity ?
Summary
Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_10g | 10.1.0.5 | |
| oracle | database_10g | 10.2.0.4 | |
| oracle | database_11g | 11.1.0.7 | |
| oracle | database_9i | 9.2.0.8 | |
| oracle | database_9i | 9.2.0.8dv |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B7940F99-44F2-499B-ABEC-997B9BF7EE1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_11g:11.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "086DC59A-A1F4-4345-B43E-6EE7E21AF0BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*",
"matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Listener en Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 y 11.1.0.7 permite a atacantes remotos afectar la disponibilidad a trav\u00e9s de vectores desconocidos, una vulnerabilidad diferente a CVE-2009-1970."
}
],
"id": "CVE-2009-0991",
"lastModified": "2024-11-21T01:01:24.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-15T10:30:00.640",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/53737"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/34693"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022052"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"source": "secalert_us@oracle.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/53737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA09-105A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50026"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-14 01:30
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | database_9i | 9.0.2.8 | |
| oracle | database_9i | 9.2.0.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0937B8BD-F24F-41FC-B487-FF86EC5F2E9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:dv:*:*:*:*:*:*",
"matchCriteriaId": "5949CA3A-7B77-44D1-9232-361B82E1400B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.0.2.8 and 9.2.0.8DV allows remote authenticated users to affect availability, related to SYS.OLAPIMPL_T."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Oracle OLAP en Oracle Database 9.0.2.8 y 9.2.0.8DV, que permite a los usuario autenticados remotamente afectar a la disponibilidad, en relaci\u00f3n a SYS.OLAPIMPL_T."
}
],
"id": "CVE-2008-3974",
"lastModified": "2024-11-21T00:50:36.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-14T01:30:00.420",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://osvdb.org/51347"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/33525"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/33177"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.vupen.com/english/advisories/2009/0115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/51347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0115"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}