CVE-2005-3445

Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.us-cert.gov/cas/techalerts/TA05-292A.html	US Government Resource
http://www.kb.cert.org/vuls/id/890940	US Government Resource
http://www.kb.cert.org/vuls/id/210524	US Government Resource
http://www.securityfocus.com/bid/15134
http://secunia.com/advisories/17250
http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:application_server:10.1.2.0.0:::::::*
	cpe:2.3:a:oracle:application_server:10.1.2.0.1:::::::*
	cpe:2.3:a:oracle:application_server:9.0.3.1:::::::*
	cpe:2.3:a:oracle:application_server:9.0.4.1:::::::*
	cpe:2.3:a:oracle:database_server:9.2.0.6:::::::*
	cpe:2.3:a:oracle:database_server:9.2.0.7:::::::*
	cpe:2.3:a:oracle:application_server:1.0.2.2:::::::*
	cpe:2.3:a:oracle:application_server:9.0.4.2:::::::*
	cpe:2.3:a:oracle:database_server:10.1.0.3:::::::*
	cpe:2.3:a:oracle:application_server:10.1.2.0.2:::::::*
	cpe:2.3:a:oracle:application_server:9.0.2.3:::::::*
	cpe:2.3:a:oracle:database_server:8.1.7.4:::::::*
	cpe:2.3:a:oracle:database_server:10.1.0.4.2:::::::*
	cpe:2.3:a:oracle:database_server:10.1.0.4:::::::*
	cpe:2.3:a:oracle:database_server:9.2.0.5:::::::*

Information

Published : 2005-11-02 03:03

Updated : 2012-10-22 18:51

NVD link : CVE-2005-3445

Mitre link : CVE-2005-3445

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

oracle

application_server
database_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.us-cert.gov/cas/techalerts/TA05-292A.html", "name": "TA05-292A", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "http://www.kb.cert.org/vuls/id/890940", "name": "VU#890940", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.kb.cert.org/vuls/id/210524", "name": "VU#210524", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.securityfocus.com/bid/15134", "name": "15134", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/17250", "name": "17250", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-3445", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-11-02T11:03Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.2.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.2.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_server:9.2.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_server:10.1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_server:8.1.7.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_server:10.1.0.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_server:10.1.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_server:9.2.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2012-10-23T01:51Z"}