Lucene search

[email protected]CVE-2010-0072

HistoryJan 13, 2010 - 1:30 a.m.

CVE-2010-0072

2010-01-1301:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve

2010

0072

vulnerability

oracle

secure backup

remote attackers

confidentiality

integrity

availability

buffer overflow

observiced.exe

arbitrary code

tcp port 10000

nvd

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.963 High

EPSS

Percentile

99.5%

JSON

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a buffer overflow in observiced.exe that allows remote attackers to execute arbitrary code via vectors related to a “reverse lookup of connections” to TCP port 10000.

CPENameOperatorVersion
oracle:secure_backuporacle secure backupeq10.2.0.3

CPE	Name	Operator	Version
oracle:secure_backup	oracle secure backup	eq	10.2.0.3

References

www.oracle.com/technetwork/topics/security/cpujan2010-084891.html

www.us-cert.gov/cas/techalerts/TA10-012A.html

7.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.963 High

EPSS

Percentile

99.5%

JSON

Related for CVE-2010-0072

prion1 securityvulns3 zdi1 checkpoint_advisories1 nessus1 oracle1