ID CVE-2009-1965
Summary Unspecified vulnerability in the Net Foundation Layer component in Oracle Database 9.2.0.8 and 10.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Per: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html This vulnerability only affects the Windows platform.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
CVSS
Base: 5.4 (as of 23-10-2012 - 03:07)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:A/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 36760
cert TA09-294A
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
sectrack 1023057
secunia 37027
Last major update 23-10-2012 - 03:07
Published 22-10-2009 - 18:30
Last modified 23-10-2012 - 03:07
Back to Top