CVE-2010-3590

Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to MDSYS.

CVSS v2.0 4.9 MEDIUM

4.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:N

Exploitability : 6.8 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/42895	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html	Vendor Advisory
http://www.securityfocus.com/bid/45880
http://www.securitytracker.com/id?1024972
http://www.vupen.com/english/advisories/2011/0139	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/64758

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:database_server:10.2.0.4:::::::*
	cpe:2.3:a:oracle:database_server:11.1.0.7:::::::*
	cpe:2.3:a:oracle:database_server:11.2.0.1:::::::*

History

No history.

Information

Published : 2011-01-19 16:00

Updated : 2024-02-28 11:41

NVD link : CVE-2010-3590

Mitre link : CVE-2010-3590

CVE.ORG link : CVE-2010-3590

JSON object : View

Products Affected

oracle

database_server

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-3590", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-01-19T16:00:02.607", "references": [{"url": "http://secunia.com/advisories/42895", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/45880", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1024972", "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0139", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64758", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to MDSYS."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle Spatial para Oracle Database Server v10.2.0.4, v11.1.0.7 y v11.2.0.1 permite a usuarios autenticados remotamente afectar a la confidencialidad y la integridad, relacionado con MDSYS."}], "lastModified": "2017-08-17T01:32:59.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4AC251D-9313-4A54-9623-51DC0AEC46FC"}, {"criteria": "cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDEDE937-C3D7-421C-9F70-F546AB823E1D"}, {"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "378CCC72-84CB-45E7-A832-516D69510540"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}