Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-3983

4 documents4 sources
Severity
5.5MEDIUM
EPSS
67.3%
top 1.43%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Oracle Database 10GOracle Database 11IOracle Database 9I
Timeline
PublishedOct 14
Latest updateMay 2

Description

Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 8.0 | Impact: 4.9

Affected Packages3 packages

NVDoracle/database_9i9.2.0.8, 9.2.0.8dv+1
NVDoracle/database_10g10.1.0.5, 10.2.0.3+1
NVDoracle/database_11i11.1.0.6

🔴Vulnerability Details

2
GHSA
GHSA-g85g-p29m-3jgf: Unspecified vulnerability in the Workspace Manager component in Oracle Database 92022-05-02
CVEList
CVE-2008-3983: Unspecified vulnerability in the Workspace Manager component in Oracle Database 92008-10-14

💥Exploits & PoCs

1
Exploit-DB
Oracle 10g - SYS.LT.MERGEWORKSPACE SQL Injection2009-01-06
CVE-2008-3983 (MEDIUM CVSS 5.5) | Unspecified vulnerability in the Wo | cvebase.io