CVE-2008-2595

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service (crash) via a malformed LDAP request that triggers a NULL pointer dereference.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725
http://secunia.com/advisories/31087
http://secunia.com/advisories/31113
http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html
http://www.securitytracker.com/id?1020494
http://www.vupen.com/english/advisories/2008/2109/references
http://www.vupen.com/english/advisories/2008/2115
https://www.exploit-db.com/exploits/6101
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725
http://secunia.com/advisories/31087
http://secunia.com/advisories/31113
http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html
http://www.securitytracker.com/id?1020494
http://www.vupen.com/english/advisories/2008/2109/references
http://www.vupen.com/english/advisories/2008/2115
https://www.exploit-db.com/exploits/6101

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:database_10g:10.1.2.3:::::::*
	cpe:2.3:a:oracle:database_10g:10.1.4.2:::::::*
	cpe:2.3:a:oracle:database_9i:9.0.4.3:::::::*

History

21 Nov 2024, 00:47

Type	Values Removed	Values Added
References	~~() http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 -~~	() http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 -
References	~~() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725 -~~	() http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=725 -
References	~~() http://secunia.com/advisories/31087 -~~	() http://secunia.com/advisories/31087 -
References	~~() http://secunia.com/advisories/31113 -~~	() http://secunia.com/advisories/31113 -
References	~~() http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html -~~	() http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html -
References	~~() http://www.securitytracker.com/id?1020494 -~~	() http://www.securitytracker.com/id?1020494 -
References	~~() http://www.vupen.com/english/advisories/2008/2109/references -~~	() http://www.vupen.com/english/advisories/2008/2109/references -
References	~~() http://www.vupen.com/english/advisories/2008/2115 -~~	() http://www.vupen.com/english/advisories/2008/2115 -
References	~~() https://www.exploit-db.com/exploits/6101 -~~	() https://www.exploit-db.com/exploits/6101 -

Information

Published : 2008-07-15 23:41

Updated : 2024-11-21 00:47

NVD link : CVE-2008-2595

Mitre link : CVE-2008-2595

CVE.ORG link : CVE-2008-2595

JSON object : View

Products Affected

oracle

database_10g
database_9i

CWE

NVD-CWE-noinfo

5.0 /10