Lucene search

[email protected]CVE-2007-5511

HistoryOct 17, 2007 - 11:17 p.m.

CVE-2007-5511

2007-10-1723:17:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2007-5511

sql injection

oracle database

workspace manager

owm 10.2.0.4.1

owm 10.1.0.8.0

owm 9.2.0.8.0

8.1 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

JSON

SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain.

CPENameOperatorVersion
oracle:database_serveroracle database servereq*

CPE	Name	Operator	Version
oracle:database_server	oracle database server	eq	*

References

marc.info/?l=bugtraq&m=119332677525918&w=2

osvdb.org/40079

secunia.com/advisories/27251

secunia.com/advisories/27409

securityreason.com/securityalert/3245

www.securityfocus.com/archive/1/482429/100/0/threaded

www.securityfocus.com/bid/26098

www.securitytracker.com/id?1018823

www.vupen.com/english/advisories/2007/3524

www.vupen.com/english/advisories/2007/3626

www.exploit-db.com/exploits/4570

www.exploit-db.com/exploits/4571

www.exploit-db.com/exploits/4572

8.1 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

JSON

Related for CVE-2007-5511

prion2 cve1 checkpoint_advisories2 nessus1