CVE-2008-2608

2008-07-1523:41:00

mitre

web.nvd.nist.gov

cve-2008-2608

oracle

database

vulnerability

data pump

remote attack

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

5.5

Confidence

Low

EPSS

0.008

Percentile

81.3%

JSON

Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5 and 10.2.0.3 has unknown impact and remote authenticated attack vectors related to SYS.KUPF$FILE_INT.

Affected configurations

Nvd

Node

oracledata_pump_component

oracledatabase_serverMatch10.1.0.5

oracledatabase_serverMatch10.2.0.3

VendorProductVersionCPE
oracledata_pump_component*cpe:2.3:a:oracle:data_pump_component:*:*:*:*:*:*:*:*
oracledatabase_server10.1.0.5cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
oracledatabase_server10.2.0.3cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	data_pump_component	*	cpe:2.3:a:oracle:data_pump_component::::::::
oracle	database_server	10.1.0.5	cpe:2.3:a:oracle:database_server:10.1.0.5:::::::*
oracle	database_server	10.2.0.3	cpe:2.3:a:oracle:database_server:10.2.0.3:::::::*