ID CVE-2007-3857
Summary Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow remote authenticated users to have an unknown impact via (a) the Oracle Text component, including (1) unspecified vectors (DB05), (2) CTXSYS.DRVXMD (DB06), (3) CTXSYS.DRI_MOVE_CTXSYS (DB07), (4) CTXSYS.DRVXMD (DB08), and (b) JavaVM (DB14).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:10.1.0.5
CVSS
Base: 6.5 (as of 20-07-2007 - 08:15)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family Databases
NASL id ORACLE_RDBMS_CPU_JUL_2007.NASL
description The remote Oracle database server is missing the July 2007 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components : - Advanced Queuing - DataGuard - JavaVM - Oracle Data Mining - Oracle Text - PL/SQL - Rules Manager - Spatial - SQL Compiler
last seen 2019-02-21
modified 2018-11-15
plugin id 56057
published 2011-11-16
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=56057
title Oracle Database Multiple Vulnerabilities (July 2007 CPU)
refmap via4
cert TA07-200A
confirm http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html
hp
  • HPSBMA02133
  • SSRT061201
misc
sectrack 1018415
secunia
  • 26114
  • 26166
vupen
  • ADV-2007-2562
  • ADV-2007-2635
xf oracle-cpu-july2007(35490)
Last major update 22-10-2012 - 22:31
Published 18-07-2007 - 15:30
Last modified 28-07-2017 - 21:32
Back to Top