CVE-2008-1813 (GCVE-0-2008-1813)
Vulnerability from cvelistv5
Published
2008-04-16 10:00
Modified
2024-08-07 08:32
Severity ?
CWE
  • n/a
Summary
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password.
References
cve@mitre.org http://secunia.com/advisories/29829 Vendor Advisory
cve@mitre.org http://secunia.com/advisories/29874 Vendor Advisory
cve@mitre.org http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html
cve@mitre.org http://www.red-database-security.com/advisory/oracle_outln_password_change.html
cve@mitre.org http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html
cve@mitre.org http://www.securityfocus.com/archive/1/490919/100/0/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/490950/100/0/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/491024/100/0/threaded
cve@mitre.org http://www.securityfocus.com/archive/1/491024/100/0/threaded
cve@mitre.org http://www.securitytracker.com/id?1019855
cve@mitre.org http://www.vupen.com/english/advisories/2008/1233/references Vendor Advisory
cve@mitre.org http://www.vupen.com/english/advisories/2008/1267/references Vendor Advisory
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/41858
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/41991
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/41992
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/41993
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/41994
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/41995
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/29829 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/29874 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html
af854a3a-2127-422b-91ae-364da2661108 http://www.red-database-security.com/advisory/oracle_outln_password_change.html
af854a3a-2127-422b-91ae-364da2661108 http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/490919/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/490950/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/491024/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/491024/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id?1019855
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2008/1233/references Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2008/1267/references Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/41858
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/41991
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/41992
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/41993
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/41994
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/41995
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:32:01.496Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html"
          },
          {
            "name": "oracle-cpu-april-2008(41858)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
          },
          {
            "name": "ADV-2008-1267",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1267/references"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html"
          },
          {
            "name": "ADV-2008-1233",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1233/references"
          },
          {
            "name": "oracle-database-sdogeom-sql-injection(41993)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41993"
          },
          {
            "name": "oracle-database-queryop-default-password(41995)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41995"
          },
          {
            "name": "1019855",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019855"
          },
          {
            "name": "20080416 Oracle - SQL Injection in package SDO_GEOM [DB06]",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490919/100/0/threaded"
          },
          {
            "name": "29829",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29829"
          },
          {
            "name": "HPSBMA02133",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
          },
          {
            "name": "oracle-database-export-info-disclosure(41994)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41994"
          },
          {
            "name": "29874",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29874"
          },
          {
            "name": "SSRT061201",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
          },
          {
            "name": "oracle-database-corerdbms-unspecified(41992)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41992"
          },
          {
            "name": "oracle-database-dbmsaq-unspecified(41991)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41991"
          },
          {
            "name": "20080416 Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/490950/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13.  NOTE: the previous information was obtained from the Oracle CPU.  Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html"
        },
        {
          "name": "oracle-cpu-april-2008(41858)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
        },
        {
          "name": "ADV-2008-1267",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1267/references"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html"
        },
        {
          "name": "ADV-2008-1233",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1233/references"
        },
        {
          "name": "oracle-database-sdogeom-sql-injection(41993)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41993"
        },
        {
          "name": "oracle-database-queryop-default-password(41995)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41995"
        },
        {
          "name": "1019855",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019855"
        },
        {
          "name": "20080416 Oracle - SQL Injection in package SDO_GEOM [DB06]",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490919/100/0/threaded"
        },
        {
          "name": "29829",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29829"
        },
        {
          "name": "HPSBMA02133",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
        },
        {
          "name": "oracle-database-export-info-disclosure(41994)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41994"
        },
        {
          "name": "29874",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29874"
        },
        {
          "name": "SSRT061201",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
        },
        {
          "name": "oracle-database-corerdbms-unspecified(41992)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41992"
        },
        {
          "name": "oracle-database-dbmsaq-unspecified(41991)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41991"
        },
        {
          "name": "20080416 Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/490950/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-1813",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13.  NOTE: the previous information was obtained from the Oracle CPU.  Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html",
              "refsource": "MISC",
              "url": "http://www.red-database-security.com/advisory/oracle_outln_password_change.html"
            },
            {
              "name": "oracle-cpu-april-2008(41858)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41858"
            },
            {
              "name": "ADV-2008-1267",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1267/references"
            },
            {
              "name": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html",
              "refsource": "MISC",
              "url": "http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html"
            },
            {
              "name": "ADV-2008-1233",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1233/references"
            },
            {
              "name": "oracle-database-sdogeom-sql-injection(41993)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41993"
            },
            {
              "name": "oracle-database-queryop-default-password(41995)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41995"
            },
            {
              "name": "1019855",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019855"
            },
            {
              "name": "20080416 Oracle - SQL Injection in package SDO_GEOM [DB06]",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490919/100/0/threaded"
            },
            {
              "name": "29829",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29829"
            },
            {
              "name": "HPSBMA02133",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html"
            },
            {
              "name": "oracle-database-export-info-disclosure(41994)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41994"
            },
            {
              "name": "29874",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29874"
            },
            {
              "name": "SSRT061201",
              "refsource": "HP",
              "url": "http://www.securityfocus.com/archive/1/491024/100/0/threaded"
            },
            {
              "name": "oracle-database-corerdbms-unspecified(41992)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41992"
            },
            {
              "name": "oracle-database-dbmsaq-unspecified(41991)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41991"
            },
            {
              "name": "20080416 Oracle - Hardcoded Password and Password Reset of OUTLN User [DB13]",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/490950/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-1813",
    "datePublished": "2008-04-16T10:00:00",
    "dateReserved": "2008-04-15T00:00:00",
    "dateUpdated": "2024-08-07T08:32:01.496Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-1813\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-04-16T10:05:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote unauthenticated or authenticated attack vectors related to (1) SYS.DBMS_AQ in the Advanced Queuing component, aka DB01; (2) Core RDBMS, aka DB03; (3) SDO_GEOM in Oracle Spatial, aka DB06; (4) Export, aka DB12; and (5) DBMS_STATS in Query Optimizer, aka DB13.  NOTE: the previous information was obtained from the Oracle CPU.  Oracle has not commented on reliable researcher claims that DB06 is SQL injection, and DB13 occurs when the OUTLN account is reset to use a hard-coded password.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5 y 10.2.0.3, presentan un impacto desconocido y vectores de ataque remotos no autenticados o autenticados relacionados con (1) SYS. DBMS_AQ en el componente Advanced Queue Server, tambi\u00e9n se conoce como DB01; (2) Core RDBMS, tambi\u00e9n se conoce como DB03; (3) SDO_GEOM en Oracle Spatial, tambi\u00e9n se conoce como DB06; (4) Export, tambi\u00e9n se conoce como DB12; y (5) DBMS_STATS en el Query Optimizer , tambi\u00e9n se conoce como DB13. NOTA: la informaci\u00f3n anterior fue obtenida de la CPU de Oracle. Oracle no ha comentado sobre las afirmaciones de investigadores confiables de que DB06 es inyecci\u00f3n SQL y DB13 se produce cuando se restablece la cuenta OUTLN para utilizar una contrase\u00f1a embebida.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_9i:9.0.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDBBD94E-B3C9-43F4-BFF5-D4E445B75585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35853080-470C-415B-B15B-D93A6DE856FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37FDC572-7FE0-41B2-99D6-139819781038\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*\",\"matchCriteriaId\":\"D86DC2E3-3B89-4FAC-9B8F-DC629B50ADC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03A522A3-07D7-481F-A538-EA3D13256F63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED41086B-840A-4B39-B249-461A4B00B57B\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/29829\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29874\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.red-database-security.com/advisory/oracle_outln_password_change.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/490919/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/490950/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/491024/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/491024/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1019855\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1233/references\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1267/references\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41858\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41991\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41992\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41993\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41994\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41995\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/29829\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/29874\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.red-database-security.com/advisory/oracle_outln_password_change.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_geom.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/490919/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/490950/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/491024/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/491024/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1019855\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1233/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1267/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41991\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41992\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41993\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41994\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/41995\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.