CVE-2008-1821Improper Restriction of Operations within the Bounds of a Memory Buffer in Oracle Database Server

3 documents3 sources
Severity
9.0CRITICALNVD
EPSS
3.6%
top 12.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Database Server
Timeline
PublishedApr 16
Latest updateMay 1

Description

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+, and 10.1.0.5 has unknown impact and remote attack vectors related to SYS.DBMS_AQJMS_INTERNAL, aka DB15. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB15 is for multiple buffer overflows in the (1) AQ$_REGISTER and (2) AQ$_UNREGISTER procedures.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDoracle/database_server10.1.0.5, 9.0.1.5+1

🔴Vulnerability Details

2
GHSA
GHSA-3g8p-r34g-j4gx: Unspecified vulnerability in the Advanced Queuing component in Oracle Database 92022-05-01
CVEList
CVE-2008-1821: Unspecified vulnerability in the Advanced Queuing component in Oracle Database 92008-04-16
CVE-2008-1821 — Oracle Database Server vulnerability | cvebase