Published: 14/07/2009 Updated: 17/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Unspecified vulnerability in the Secure Enterprise Search component in Oracle Database 10.1.8.3 allows remote malicious users to affect integrity via unknown vectors. NOTE: the previous information was obtained from the July 2009 CPU. Oracle has not commented on claims from an established researcher that this is cross-site scripting (XSS) via the search_p_groups parameter in search/query/search.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle database server 10.1.8.3

source: wwwsecurityfocuscom/bid/35681/info Oracle Database is prone to a cross-site scripting vulnerability that affects the Secure Enterprise Search component An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site This may let the attacker steal c ...

Oracle Secure Enterprise Search (SES) version 101820 suffers from a cross site scripting vulnerability ...

NVD-CWE-noinfo http://dsecrg.com/pages/vul/show.php?id=125 http://www.securitytracker.com/id?1022560 http://www.securityfocus.com/bid/35681 http://secunia.com/advisories/35776 http://osvdb.org/55892 http://www.vupen.com/english/advisories/2009/1900 http://archives.neohapsis.com/archives/bugtraq/2009-07/0110.html http://www.oracle.com/technetwork/topics/security/cpujul2009-091332.html https://exchange.xforce.ibmcloud.com/vulnerabilities/51754 https://nvd.nist.gov https://www.exploit-db.com/exploits/33082/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-1968

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect