CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0CVE-2008-2625
https://notcve.org/view.php?id=CVE-2008-2625
Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode. Una vulnerabilidad no especificada en el componente Core RDBMS en Oracle Database versiones 9.2.0.8, 9.2.0.8DV, 10.1.0.5 y 10.2.0.2, permite a los atacantes remotos afectar a la confidencialidad y la integridad por medio de vectores desconocidos. NOTA: la información anterior fue obtenida de la CPU de octubre 2008 de Oracle. • http://secunia.com/advisories/32291 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html http://www.securityfocus.com/archive/1/497539/100/0/threaded http://www.securitytracker.com/id?1021050 http://www.vupen.com/english/advisories/2008/2825 https://exchange.xforce.ibmcloud.com/vulnerabilities/45880 •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2008-2591
https://notcve.org/view.php?id=CVE-2008-2591
Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors. Vulnerabilidad sin especificar en el Componente Oracle Database Vault en Oracle Database 9.2.0.8DV, 10.2.0.3, y 11.1.0.6, tiene vectores de ataque e impacto desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020499 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 •
CVSS: 1.5EPSS: 0%CPEs: 7EXPL: 0CVE-2008-2587
https://notcve.org/view.php?id=CVE-2008-2587
Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors. Vulnerabilidad no especificada en el componente Advanced Replication component de Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, y 10.2.0.3 tiene un impacto desconocido y vectores de ataque locales. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020499 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 •
CVSS: 5.0EPSS: 76%CPEs: 3EXPL: 1CVE-2008-2595 – Oracle Internet Directory 10.1.4 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2008-2595
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference. Vulnerabilidad sin especificar en el Componente Internet Directory de Oracle Application Server 9.0.4.3, 10.1.2.3, y 10.1.4.2, tienen un impacto y vectores de ataque desconocidos. NOTA: la información previa se ha obtenido de Oraclew July 2008 CPU. Oracle no ha comentado al investigador oficial que puede tratarse de una denegación de servicio (caída) provocada por una petición LDAP mal formada que dispara una deferencia a un puntero NULL. • https://www.exploit-db.com/exploits/6101 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020494 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 •
CVSS: 6.5EPSS: 88%CPEs: 6EXPL: 0CVE-2008-2607
https://notcve.org/view.php?id=CVE-2008-2607
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly execute arbitrary code via a long argument to an unspecified procedure. Una vulnerabilidad no especificada en el componente Advanced Queuing en Database de Oracle versiones 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 y 11.1.0.6, presenta un impacto desconocido y vectores de ataque autenticados remotos relacionados con SYS.DBMS_AQELM. NOTA: la información anterior fue obtenida de la CPU de julio de 2008 de Oracle. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=726 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020499 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 •