ID CVE-2007-2118
Summary Unspecified vulnerability in the Upgrade/Downgrade component of Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors, aka DB13. NOTE: as of 20070424, Oracle has not disputed reliable claims that this is a buffer overflow involving the "mig utility."
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:9.0.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.0.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 16-10-2018 - 16:42)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 23532
cert TA07-108A
confirm http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html
hp
  • HPSBMA02133
  • SSRT061201
misc
sectrack 1017927
vupen ADV-2007-1426
saint via4
bid 23532
description Oracle Database Advanced Replication component DBMS_SNAP_INTERNAL overflow
id database_oracle_version
osvdb 39933
title oracle_advrep_snap_internal
type remote
Last major update 16-10-2018 - 16:42
Published 18-04-2007 - 18:19
Last modified 16-10-2018 - 16:42
Back to Top