CVE-2008-3984

Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3983.

CVSS v2.0 5.5 MEDIUM

5.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:N

Exploitability : 8.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/32291	Permissions Required
http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html	Vendor Advisory
http://www.securitytracker.com/id?1021050	Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2008/2825	Not Applicable
https://exchange.xforce.ibmcloud.com/vulnerabilities/45887

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:database_10g:10.1.0.5:::::::*
	cpe:2.3:a:oracle:database_10g:10.2.0.3:::::::*
	cpe:2.3:a:oracle:database_11i:11.1.0.6:::::::*
	cpe:2.3:a:oracle:database_9i:9.2.0.8:::::::*
	cpe:2.3:a:oracle:database_9i:9.2.0.8dv:::::::*

History

No history.

Information

Published : 2008-10-14 21:11

Updated : 2024-02-28 11:21

NVD link : CVE-2008-3984

Mitre link : CVE-2008-3984

CVE.ORG link : CVE-2008-3984

JSON object : View

Products Affected

oracle

database_11i
database_10g
database_9i

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-3984", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-10-14T21:11:11.050", "references": [{"url": "http://secunia.com/advisories/32291", "tags": ["Permissions Required"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1021050", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2825", "tags": ["Not Applicable"], "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45887", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3983."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Workspace Manager en Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad, relacionado con SYS.LT y WMSYS.LT, una vulnerabilidad diferente a CVE-2008-3982 y CVE-2008-3983."}], "lastModified": "2017-08-08T01:32:19.047", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1"}, {"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247"}, {"criteria": "cpe:2.3:a:oracle:database_11i:11.1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9A56D3F-26C0-465B-9347-70D6EC53F74E"}, {"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF"}, {"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}