CVE-2008-1817
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection.
Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6, presenta un impacto desconocido y vectores de ataque remotos relacionados con (1) SDO_IDX en el componente Spatial, también se conoce como DB07; y (2) Core RDBMS, también se conoce como DB10. NOTA: la información anterior fue obtenida de la CPU de Oracle. Oracle no ha comentado sobre las afirmaciones de investigadores confiables que DB07 es inyección SQL.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-04-15 CVE Reserved
- 2008-04-16 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (12)
URL | Tag | Source |
---|---|---|
http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html | X_refsource_confirm | |
http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html | X_refsource_misc | |
http://www.securityfocus.com/archive/1/490920/100/0/threaded | Mailing List | |
http://www.securitytracker.com/id?1019855 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/41858 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/42001 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/42002 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/29829 | 2018-10-11 | |
http://secunia.com/advisories/29874 | 2018-10-11 | |
http://www.securityfocus.com/archive/1/491024/100/0/threaded | 2018-10-11 | |
http://www.vupen.com/english/advisories/2008/1233/references | 2018-10-11 | |
http://www.vupen.com/english/advisories/2008/1267/references | 2018-10-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Oracle Search vendor "Oracle" | Database 9i Search vendor "Oracle" for product "Database 9i" | 9.2.0.8dv Search vendor "Oracle" for product "Database 9i" and version "9.2.0.8dv" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Database Server Search vendor "Oracle" for product "Database Server" | 9.0.1.5 Search vendor "Oracle" for product "Database Server" and version "9.0.1.5" | fips |
Affected
| ||||||
Oracle Search vendor "Oracle" | Database Server Search vendor "Oracle" for product "Database Server" | 10.1.0.5 Search vendor "Oracle" for product "Database Server" and version "10.1.0.5" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Database Server Search vendor "Oracle" for product "Database Server" | 10.2.0.3 Search vendor "Oracle" for product "Database Server" and version "10.2.0.3" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Database Server Search vendor "Oracle" for product "Database Server" | 11.1.0.6 Search vendor "Oracle" for product "Database Server" and version "11.1.0.6" | - |
Affected
|