CVE-2011-0799 - Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0

CVE-2011-0799

Summary

Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0.5 (OWB), 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Warehouse Builder User Account.

References

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

Vulnerable Configurations

cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:11.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:11.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:warehouse_builder:10.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:warehouse_builder:10.2.0.5:*:*:*:*:*:*:*

CVSS

Base:	6.5 (as of 20-04-2011 - 04:00)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:P/A:P

refmap via4

confirm

http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html

saint via4

bid	47431
description	Oracle Warehouse Builder SQL Injection
id	database_oracle_version
osvdb	71956
title	oracle_warehouse_builder_sqli
type	remote

Last major update

20-04-2011 - 04:00

Published

20-04-2011 - 03:14

Last modified

20-04-2011 - 04:00