Lucene search
HistoryMay 11, 2005 - 4:00 a.m.
CVE-2005-1496
oracle
10g
dbms_scheduler
privilege escalation
cve-2005-1496
nvd
9.1 High
AI Score
Confidence
High
4.6 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.506 Medium
EPSS
Percentile
97.5%
The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.
Affected configurations
Node
oracleapplication_serverMatch10.1.0.2
ORoracleapplication_serverMatch10.1.0.3
ORoracleapplication_serverMatch10.1.0.3.1
ORoracleoracle10gMatchenterprise_10.1.0.2
ORoracleoracle10gMatchenterprise_10.1.0.3
ORoracleoracle10gMatchenterprise_10.1.0.3.1
ORoracleoracle10gMatchpersonal_10.1.0.2
ORoracleoracle10gMatchpersonal_10.1.0.3
ORoracleoracle10gMatchpersonal_10.1.0.3.1
ORoracleoracle10gMatchstandard_10.1.0.2
ORoracleoracle10gMatchstandard_10.1.0.3
ORoracleoracle10gMatchstandard_10.1.0.3.1
Related
nessus
nessus
Oracle 10g DBMS_SCHEDULER Privilege Escalation
2005-05-09 00:00:00
Oracle Application Server Multiple Vulnerabilities
2012-01-24 00:00:00
nvd
nvd
CVE-2005-1496
2005-05-11 04:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Database DBMS_Scheduler Privilege Escalation (CVE-2005-1496)
2010-02-22 00:00:00
cvelist
cvelist
CVE-2005-1496
2005-05-11 04:00:00
9.1 High
AI Score
Confidence
High
4.6 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.506 Medium
EPSS
Percentile
97.5%
Related for CVE-2005-1496