ID CVE-2008-1814
Summary Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote attack vectors, aka DB04.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_server_10g:10.1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:application_server_10g:10.1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
CVSS
Base: 9.0 (as of 11-10-2018 - 20:37)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:S/C:C/I:C/A:C
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html
hp
  • HPSBMA02133
  • SSRT061201
sectrack 1019855
secunia
  • 29829
  • 29874
vupen
  • ADV-2008-1233
  • ADV-2008-1267
xf
  • oracle-cpu-april-2008(41858)
  • oracle-search-wksys-unspecified(41997)
Last major update 11-10-2018 - 20:37
Published 16-04-2008 - 10:05
Back to Top