CVE-2011-2242

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP.

CVSS v2.0 1.3 LOW

1.3^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:M/Au:M/C:P/I:N/A:N

Exploitability : 2.2 / Impact : 2.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication MULTIPLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html	Patch Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA11-201A.html	US Government Resource
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html	Patch Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA11-201A.html	US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:database_server:11.2.0.1:::::::*
	cpe:2.3:a:oracle:database_server:11.2.0.2:::::::*

History

21 Nov 2024, 01:27

Type	Values Removed	Values Added
References	~~() http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html - Patch, Vendor Advisory~~	() http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html - Patch, Vendor Advisory
References	~~() http://www.us-cert.gov/cas/techalerts/TA11-201A.html - US Government Resource~~	() http://www.us-cert.gov/cas/techalerts/TA11-201A.html - US Government Resource

Information

Published : 2011-07-20 23:55

Updated : 2024-11-21 01:27

NVD link : CVE-2011-2242

Mitre link : CVE-2011-2242

CVE.ORG link : CVE-2011-2242

JSON object : View

Products Affected

oracle

database_server

CWE

NVD-CWE-noinfo

{"id": "CVE-2011-2242", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.3, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:M/C:P/I:N/A:N", "authentication": "MULTIPLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 2.2, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-07-20T23:55:01.223", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html", "tags": ["US Government Resource"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Core RDBMS en Oracle Database Server v11.2.0.1 y v11.2.0.2 permite a usuarios locales comprometer la confidencialidad, relacionado con XML DB FTP."}], "lastModified": "2024-11-21T01:27:52.830", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "378CCC72-84CB-45E7-A832-516D69510540"}, {"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D7157D8-4959-4F6C-BFA0-D80862393AA4"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}