Lucene search

[email protected]NVD:CVE-2008-0347

HistoryJan 17, 2008 - 11:00 p.m.

CVE-2008-0347

2008-01-1723:00:00

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

5.8 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.4%

JSON

Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; and Application Server 9.0.4.3 and 10.1.2.0.2; has unknown impact and local attack vectors, aka OCS01. NOTE: Oracle has not disputed a reliable claim that this issue is related to WKSYS schema privileges.

Affected configurations

NVD

Node

oracleapplication_serverMatch1.0.2.2

oracleapplication_serverMatch9.0.4.3

oracleapplication_serverMatch10.1.2.0.2

oracleapplication_serverMatch10.1.2.1.0

oracleapplication_serverMatch10.1.2.2.0

oracleapplication_serverMatch10.1.3.0.0

oracleapplication_serverMatch10.1.3.1.0

oracleapplication_serverMatch10.1.3.3.0

oracleapplication_server_9iMatch9.0.4.3

oracleapplication_server_9iMatch10.1.2.0.2

oraclecollaboration_suiteMatch10.1.2

oracledatabase_serverMatch9.0.1.5fips

oracledatabase_serverMatch9.2.0.8

oracledatabase_serverMatch9.2.0.8dv

oracledatabase_serverMatch10.1.0.5

oracledatabase_serverMatch10.2.0.2

oracledatabase_serverMatch10.2.0.3

oracledatabase_serverMatch11.1.0.6

oraclee-business_suiteMatch11.5.9

oraclee-business_suiteMatch11.5.10

oraclee-business_suiteMatch11.5.10.2

oraclee-business_suiteMatch12.0.0

oraclee-business_suiteMatch12.0.1

oraclee-business_suiteMatch12.0.2

oraclee-business_suiteMatch12.0.3

oraclepeoplesoft_enterprise_peopletoolsMatch8.47

oraclepeoplesoft_enterprise_peopletoolsMatch8.48

oraclepeoplesoft_enterprise_peopletoolsMatch8.49

References

marc.info/?l=bugtraq&m=120058413923005&w=2

secunia.com/advisories/28518

secunia.com/advisories/28556

securitytracker.com/id?1019218

www.oracle.com/technetwork/topics/security/cpujan2008-086860.html

www.petefinnigan.com/Advisory_CPU_Jan_2008.htm

www.securityfocus.com/archive/1/487322/100/100/threaded

www.securityfocus.com/bid/27229

www.us-cert.gov/cas/techalerts/TA08-017A.html

www.vupen.com/english/advisories/2008/0150

www.vupen.com/english/advisories/2008/0180

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

5.8 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.4%

JSON

Related for NVD:CVE-2008-0347

cve1 openvas1 prion1 cvelist1 nessus2