CVE-2009-1005 - Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) c

CVE-2009-1005

Summary

Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

References

Vulnerable Configurations

cpe:2.3:a:oracle:bea_product_suite:3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:bea_product_suite:3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:bea_product_suite:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:bea_product_suite:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:bea_product_suite:3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:bea_product_suite:3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:bea_product_suite:10.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:bea_product_suite:10.3.0:*:*:*:*:*:*:*

CVSS

Base:	4.1 (as of 23-10-2012 - 03:04)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:M/Au:S/C:P/I:P/A:P

refmap via4

bid	34461
cert	TA09-105A
confirm	http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html http://www.oracle.com/technology/deploy/security/wls-security/1005.html
osvdb	53760
sectrack	1022059

Last major update

23-10-2012 - 03:04

Published

15-04-2009 - 10:30

Last modified

23-10-2012 - 03:04