7.2 High
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.297 Low
EPSS
Percentile
96.9%
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package.
CPE | Name | Operator | Version |
---|---|---|---|
oracle:database_server | oracle database server | eq | 9.0.1.5 |
oracle:database_server | oracle database server | eq | 10.1.0.5 |
marc.info/?l=bugtraq&m=119332677525918&w=2
secunia.com/advisories/27251
secunia.com/advisories/27409
www.appsecinc.com/resources/alerts/oracle/2007-08.shtml
www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html
www.securityfocus.com/archive/1/482923/100/100/threaded
www.securityfocus.com/bid/26235
www.securitytracker.com/id?1018823
www.us-cert.gov/cas/techalerts/TA07-290A.html
www.vupen.com/english/advisories/2007/3524
www.vupen.com/english/advisories/2007/3626
More