CVE-2008-3994

Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM.

CVSS v2.0 5.5 MEDIUM

5.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:N

Exploitability : 8.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/32291	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html
http://www.securitytracker.com/id?1021050
http://www.vupen.com/english/advisories/2008/2825
https://exchange.xforce.ibmcloud.com/vulnerabilities/45898

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:database_10g:10.1.0.5:::::::*
	cpe:2.3:a:oracle:database_10g:10.2.0.3:::::::*
	cpe:2.3:a:oracle:database_11i:11.1.0.6:::::::*
	cpe:2.3:a:oracle:database_9i:9.2.0.8:::::::*
	cpe:2.3:a:oracle:database_9i:9.2.0.8dv:::::::*

History

No history.

Information

Published : 2008-10-14 21:11

Updated : 2023-12-10 10:51

NVD link : CVE-2008-3994

Mitre link : CVE-2008-3994

CVE.ORG link : CVE-2008-3994

JSON object : View

Products Affected

oracle

database_11i
database_9i
database_10g

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-3994", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-10-14T21:11:11.270", "references": [{"url": "http://secunia.com/advisories/32291", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1021050", "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2825", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el componente Workspace Manager de Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6 permite a un atacante remoto comprometer la confidencialidad y la integridad, en relaci\u00f3n con WMSYS.LTADM."}], "lastModified": "2017-08-08T01:32:19.547", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1"}, {"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247"}, {"criteria": "cpe:2.3:a:oracle:database_11i:11.1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9A56D3F-26C0-465B-9347-70D6EC53F74E"}, {"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF"}, {"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}