CVE-2008-1817Oracle Database 9I vulnerability

3 documents3 sources
Severity
9.0CRITICALNVD
EPSS
0.8%
top 25.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Database 9IOracle Database Server
Timeline
PublishedApr 16
Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages2 packages

NVDoracle/database_9i9.2.0.8dv
NVDoracle/database_server4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-w774-4mjh-hp8m: Multiple unspecified vulnerabilities in Oracle Database 92022-05-01
CVEList
CVE-2008-1817: Multiple unspecified vulnerabilities in Oracle Database 92008-04-16
CVE-2008-1817 — Oracle Database 9I vulnerability | cvebase