ID CVE-2010-0900
Summary Unspecified vulnerability in the Network Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors. Per: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2010.html 'Oracle Database Server Client-Only Installations The following Oracle Database Server vulnerability included in this Critical Patch Update affects client-only installations: CVE-2010-0900' Per: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2010.html 'For patching information please see Critical Patch Update July 2010 Patch Availability Document for Oracle Products, My Oracle Support Note 1089044.1.'
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:11.2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:11.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
CVSS
Base: 2.6 (as of 23-10-2012 - 03:20)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:N/I:N/A:P
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
Last major update 23-10-2012 - 03:20
Published 13-07-2010 - 22:30
Last modified 23-10-2012 - 03:20
Back to Top