CVE-2008-1816
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) SDO_UTIL in the Oracle Spatial component, aka DB05; or (2) fine grained auditing in the Audit component, aka DB14. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB05 is SQL injection.
Múltiples vulnerabilidades no especificadas en Oracle Database versiones 10.1.0.5 y 10.2.0.3, presenta un impacto desconocido y vectores de ataque remotos autenticados relacionados con (1) SDO_UTIL en el componente Oracle Spatial, también se conoce como DB05 ; o (2) auditoría detallada en el componente Audit, también se conoce como DB14. NOTA: la información anterior fue obtenida de la CPU de Oracle. Oracle no ha comentado sobre las afirmaciones de investigadores confiables que DB05 es inyección SQL.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-04-15 CVE Reserved
- 2008-04-16 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html | X_refsource_confirm | |
http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_util.html | X_refsource_misc | |
http://www.securityfocus.com/archive/1/490918/100/0/threaded | Mailing List | |
http://www.securitytracker.com/id?1019855 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/41858 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/41999 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/42000 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/29829 | 2018-10-11 | |
http://secunia.com/advisories/29874 | 2018-10-11 | |
http://www.securityfocus.com/archive/1/491024/100/0/threaded | 2018-10-11 | |
http://www.vupen.com/english/advisories/2008/1233/references | 2018-10-11 | |
http://www.vupen.com/english/advisories/2008/1267/references | 2018-10-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Oracle Search vendor "Oracle" | Database Server Search vendor "Oracle" for product "Database Server" | 10.1.0.5 Search vendor "Oracle" for product "Database Server" and version "10.1.0.5" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Database Server Search vendor "Oracle" for product "Database Server" | 10.2.0.3 Search vendor "Oracle" for product "Database Server" and version "10.2.0.3" | - |
Affected
|