Lucene search

PRIOn knowledge basePRION:CVE-2008-2595

HistoryJul 15, 2008 - 11:41 p.m.

Null pointer dereference

2008-07-1523:41:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.811 High

EPSS

Percentile

98.2%

JSON

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference.

CPENameOperatorVersion
database_10geq10.1.4.2
database_10geq10.1.2.3
database_9ieq9.0.4.3

Name	Operator	Version
database_10g	eq	10.1.4.2
database_10g	eq	10.1.2.3
database_9i	eq	9.0.4.3

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143

labs.idefense.com/intelligence/vulnerabilities/display.php?id=725

secunia.com/advisories/31087

secunia.com/advisories/31113

www.oracle.com/technetwork/topics/security/cpujul2008-090335.html

www.securitytracker.com/id?1020494

www.vupen.com/english/advisories/2008/2109/references

www.vupen.com/english/advisories/2008/2115

www.exploit-db.com/exploits/6101

6.2 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.811 High

EPSS

Percentile

98.2%

JSON

Related for PRION:CVE-2008-2595