CVE-2008-5445

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service in observiced.exe via malformed private Protocol data that triggers a NULL pointer dereference.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/33525	Vendor Advisory
http://www.fortiguardcenter.com/advisory/FGA-2009-02.html
http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html
http://www.securityfocus.com/archive/1/500113/100/0/threaded
http://www.securityfocus.com/bid/33177
http://www.vupen.com/english/advisories/2009/0115	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:secure_backup:10.2.0.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2009-01-14 02:30

Updated : 2024-02-28 11:21

NVD link : CVE-2008-5445

Mitre link : CVE-2008-5445

CVE.ORG link : CVE-2008-5445

JSON object : View

Products Affected

oracle

secure_backup

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-5445", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-01-14T02:30:00.390", "references": [{"url": "http://secunia.com/advisories/33525", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.fortiguardcenter.com/advisory/FGA-2009-02.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/archive/1/500113/100/0/threaded", "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/33177", "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2009/0115", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is a denial of service in observiced.exe via malformed private Protocol data that triggers a NULL pointer dereference."}, {"lang": "es", "value": "Una vulnerabilidad no especificada del componente Oracle Secure Backup en Oracle Secure Backup versi\u00f3n 10.2.0.2, permite a los atacantes remotos afectar a la disponibilidad por medio de vectores desconocidos. NOTA: la informaci\u00f3n anterior fue obtenida de la CPU de enero de 2009. Oracle no ha comentado sobre las afirmaciones de investigadores confiables de que este problema es una denegaci\u00f3n de servicio en el archivo observiced.exe mediante datos de protocolo privado malformados que desencadena una desreferencia de un puntero NULL."}], "lastModified": "2018-10-11T20:55:26.547", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:secure_backup:10.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "792DD25B-0416-485C-8B97-86888EA70CA4"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}