ID CVE-2014-0377
Summary Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via vectors related to SYS tables.
References
Vulnerable Configurations
  • Oracle Database Server 11.2.0.4
    cpe:2.3:a:oracle:database_server:11.2.0.4
  • Oracle Database Server 12.1.0.1
    cpe:2.3:a:oracle:database_server:12.1.0.1
  • Oracle Database Server 11g 11.2.0.3
    cpe:2.3:a:oracle:database_server:11.2.0.3
  • cpe:2.3:a:oracle:database_server:11.1.0.7
CVSS
Base: 4.0 (as of 15-01-2014 - 14:10)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE_INSTANCE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
NASL family Databases
NASL id ORACLE_RDBMS_CPU_JAN_2014.NASL
description The remote Oracle database server is missing the January 2014 Critical Patch Update (CPU) and is, therefore, potentially affected by security issues in the following components : - Core RDBMS - Spatial
last seen 2019-02-21
modified 2018-07-18
plugin id 71970
published 2014-01-15
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=71970
title Oracle Database Multiple Vulnerabilities (January 2014 CPU)
refmap via4
bid
  • 64758
  • 64824
confirm http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
osvdb 102081
sectrack 1029607
secunia 56452
suse SUSE-SU-2014:0130
Last major update 05-03-2014 - 23:50
Published 15-01-2014 - 11:08
Back to Top