CVE-2007-5504
7.2 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.297 Low
EPSS
Percentile
96.9%
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package.
| CPE | Name | Operator | Version |
|---|---|---|---|
| oracle:database_server | oracle database server | eq | 9.0.1.5 |
| oracle:database_server | oracle database server | eq | 10.1.0.5 |
References
marc.info/?l=bugtraq&m=119332677525918&w=2
secunia.com/advisories/27251
secunia.com/advisories/27409
www.appsecinc.com/resources/alerts/oracle/2007-08.shtml
www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html
www.securityfocus.com/archive/1/482923/100/100/threaded
www.securityfocus.com/bid/26235
www.securitytracker.com/id?1018823
www.us-cert.gov/cas/techalerts/TA07-290A.html
www.vupen.com/english/advisories/2007/3524
www.vupen.com/english/advisories/2007/3626
Social References
More
Related
7.2 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.297 Low
EPSS
Percentile
96.9%