ID CVE-2007-2117
Summary Unspecified vulnerability in the Oracle Text component in Oracle Database 9.0.1.5+ and 9.2.0.5 has unknown impact and attack vectors, aka DB12. NOTE: as of 20070424, Oracle has not disputed reliable claims that this involves a buffer overflow in the ctxsrv server daemon.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:9.2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:9.2.0.5:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 16-10-2018 - 16:42)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:S/C:C/I:C/A:C
refmap via4
bid 23532
cert TA07-108A
confirm http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html
hp
  • HPSBMA02133
  • SSRT061201
misc
sectrack 1017927
vupen ADV-2007-1426
saint via4
bid 23532
description Oracle Database Advanced Replication component DBMS_SNAP_INTERNAL overflow
id database_oracle_version
osvdb 39933
title oracle_advrep_snap_internal
type remote
Last major update 16-10-2018 - 16:42
Published 18-04-2007 - 18:19
Last modified 16-10-2018 - 16:42
Back to Top