ID CVE-2009-1985
Summary Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Per: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html "The CVSS Base Score is 10.0 only for Windows. For Linux, Unix and other platforms, the CVSS Base Score is 7.5, and the impacts for Confidentiality, Integrity and Availability are Partial+."
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 23-10-2012 - 03:07)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 36745
cert TA09-294A
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html
osvdb 59111
sectrack 1023057
secunia 37027
Last major update 23-10-2012 - 03:07
Published 22-10-2009 - 18:30
Back to Top