CVE-2007-5514

Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and attack vectors related to (1) Database Vault component (DB24) and (2) SQL Execution component (DB26).

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://marc.info/?l=bugtraq&m=119332677525918&w=2
http://secunia.com/advisories/27251	Vendor Advisory
http://secunia.com/advisories/27409
http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html
http://www.securitytracker.com/id?1018823
http://www.us-cert.gov/cas/techalerts/TA07-290A.html	US Government Resource
http://www.vupen.com/english/advisories/2007/3524
http://www.vupen.com/english/advisories/2007/3626

Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-10-17 23:17

Updated : 2024-02-28 11:01

NVD link : CVE-2007-5514

Mitre link : CVE-2007-5514

CVE.ORG link : CVE-2007-5514

JSON object : View

Products Affected

oracle

database_server

CWE

NVD-CWE-noinfo

{"id": "CVE-2007-5514", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-10-17T23:17:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27251", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/27409", "source": "cve@mitre.org"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1018823", "source": "cve@mitre.org"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/3524", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2007/3626", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and attack vectors related to (1) Database Vault component (DB24) and (2) SQL Execution component (DB26)."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades sin especificar en las Bases de Datos Oracle 10.2.0.3 tienen un impacto desconocido y vectores de ataque relacionados con (1) el componente Database Vault (DB24) y (2) el componente SQL Execution (DB26)."}], "lastModified": "2012-10-23T02:36:40.740", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}