Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 14/10/2008 Updated: 11/10/2018

CVSS v2 Base Score: 4 | Impact Score: 4.9 | Exploitability Score: 4.9

VMScore: 356

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.2 allows remote malicious users to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue involves an authentication bypass by establishing a TNS connection and impersonating a user session via a crafted authentication message during proxy authentication mode.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle database 9i 9.2.0.8dv
oracle database 9i 9.2.0.8
oracle database 10g 10.1.0.5
oracle database 10g 10.2.0.2

NVD-CWE-noinfo http://secunia.com/advisories/32291 http://www.securitytracker.com/id?1021050 http://www.vupen.com/english/advisories/2008/2825 http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html https://exchange.xforce.ibmcloud.com/vulnerabilities/45880 http://www.securityfocus.com/archive/1/497539/100/0/threaded https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-2625

Vulnerability Summary

References

Vulmon Search

About

Products

Connect