CVE-2011-2239

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability, related to XMLSEQ_IMP_T.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:H/Au:S/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html	Patch Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA11-201A.html	US Government Resource
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html	Patch Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA11-201A.html	US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:database_server:10.2.0.3:::::::*
	cpe:2.3:a:oracle:database_server:10.2.0.4:::::::*
	cpe:2.3:a:oracle:database_server:10.2.0.5:::::::*
	cpe:2.3:a:oracle:database_server:11.1.0.7:::::::*
	cpe:2.3:a:oracle:database_server:11.2.0.1:::::::*
	cpe:2.3:a:oracle:database_server:11.2.0.2:::::::*

History

21 Nov 2024, 01:27

Type	Values Removed	Values Added
References	~~() http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html - Patch, Vendor Advisory~~	() http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html - Patch, Vendor Advisory
References	~~() http://www.us-cert.gov/cas/techalerts/TA11-201A.html - US Government Resource~~	() http://www.us-cert.gov/cas/techalerts/TA11-201A.html - US Government Resource

Information

Published : 2011-07-20 23:55

Updated : 2024-11-21 01:27

NVD link : CVE-2011-2239

Mitre link : CVE-2011-2239

CVE.ORG link : CVE-2011-2239

JSON object : View

Products Affected

oracle

database_server

CWE

NVD-CWE-noinfo

{"id": "CVE-2011-2239", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-07-20T23:55:01.097", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html", "tags": ["US Government Resource"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability, related to XMLSEQ_IMP_T."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Core RDBMS de Oracle Database Server v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.1, y v11.2.0.2 permite a usuarios remotos autenticados afectar a la confidencialidad, integridad y disponibilidad, en relaci\u00f3n con XMLSEQ_IMP_T."}], "lastModified": "2024-11-21T01:27:52.503", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B"}, {"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4AC251D-9313-4A54-9623-51DC0AEC46FC"}, {"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9ACC1D6F-2EDD-4DAA-B9CE-CF516C2B35C6"}, {"criteria": "cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDEDE937-C3D7-421C-9F70-F546AB823E1D"}, {"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "378CCC72-84CB-45E7-A832-516D69510540"}, {"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D7157D8-4959-4F6C-BFA0-D80862393AA4"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}