CVE-2008-5436

Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors.

CVSS v2.0 5.5 MEDIUM

5.5^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:P/A:P

Exploitability : 8.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.securityfocus.com/bid/33177
http://www.securitytracker.com/id?1021561
http://osvdb.org/51346
http://secunia.com/advisories/33525
http://www.vupen.com/english/advisories/2009/0115
http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:database_9i:9.2.0.8:::::::*
	cpe:2.3:a:oracle:database_9i:9.2.0.8:dv::::::
	cpe:2.3:a:oracle:database_10g:10.1.0.5:::::::*
	cpe:2.3:a:oracle:database_10g:10.2.0.4:::::::*

Information

Published : 2009-01-13 17:30

Updated : 2012-10-22 19:56

NVD link : CVE-2008-5436

Mitre link : CVE-2008-5436

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

oracle

database_9i
database_10g

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/33177", "name": "33177", "tags": [], "refsource": "BID"}, {"url": "http://www.securitytracker.com/id?1021561", "name": "1021561", "tags": [], "refsource": "SECTRACK"}, {"url": "http://osvdb.org/51346", "name": "51346", "tags": [], "refsource": "OSVDB"}, {"url": "http://secunia.com/advisories/33525", "name": "33525", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2009/0115", "name": "ADV-2009-0115", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html", "tags": [], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect integrity and availability via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-5436", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2009-01-14T01:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_9i:9.2.0.8:dv:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:database_10g:10.2.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2012-10-23T02:56Z"}

5.5 /10