1. CVE-Search
  2. CVE-2007-3856
ID CVE-2007-3856
Summary Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMP_SYS, aka DB04. As the vulnerability impact is unspecified, the impact has been set to a default value of "Obtain Other Access."
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oracle10g:standard_10.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:oracle10g:standard_10.1.0.5:*:*:*:*:*:*:*
CVSS
Base: 6.5 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:P/A:P
refmap via4
cert TA07-200A
confirm http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html
hp
  • HPSBMA02133
  • SSRT061201
misc
sectrack 1018415
secunia
  • 26114
  • 26166
vupen
  • ADV-2007-2562
  • ADV-2007-2635
xf oracle-cpu-july2007(35490)
Last major update 29-07-2017 - 01:32
Published 18-07-2007 - 19:30
Last modified 29-07-2017 - 01:32
Back to Top