ID CVE-2015-2585
Summary Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0 allows remote authenticated users to affect availability via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:-:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:1.0.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:1.0.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:1.0.2.2:r1:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:1.0.2.2:r1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:4.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:4.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:4.0.8:r2:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:4.0.8:r2:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:4.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:4.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:4.2.3:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 22-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:H/Au:S/C:N/I:N/A:P
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
sectrack 1032903
Last major update 22-09-2017 - 01:29
Published 16-07-2015 - 10:59
Last modified 22-09-2017 - 01:29
Back to Top