CVE-2009-1985 — Oracle Database Server vulnerability

9 documents5 sources

Severity

10.0CRITICALNVD

EPSS

3.2%

top 12.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Database Server

Timeline

PublishedOct 22

Latest updateMay 2

Description

Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDoracle/database_server4 versions+3

🔴Vulnerability Details

GHSA

GHSA-3jf4-h2h6-qc4x: Unspecified vulnerability in the Network Authentication component in Oracle Database 9↗2022-05-02

▶

CVEList

CVE-2009-1985: Unspecified vulnerability in the Network Authentication component in Oracle Database 9↗2009-10-22

▶

💥Exploits & PoCs

Exploit-DB

HP OpenView Network Node Manager (OV NNM) - 'OvWebHelp.exe' CGI Topic Overflow↗2010-03-30

▶

Exploit-DB

BigAnt Server 2.50 - GET Remote Buffer Overflow (SEH)↗2009-09-15

▶

Exploit-DB

Audio Lib Player - '.m3u' Local Buffer Overflow (SEH)↗2009-09-09

▶

Exploit-DB

POP Peeper 3.4.0.0 - Date Remote Buffer Overflow↗2009-03-12

▶

Exploit-DB

WinFTP Server 2.3.0 - 'LIST' (Authenticated) Remote Buffer Overflow↗2009-01-26

▶