CVE-2009-1993 — Oracle Database Server vulnerability

4 documents4 sources

Severity

5.5MEDIUMNVD

EPSS

0.5%

top 33.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Database Server

Timeline

PublishedOct 22

Latest updateMay 2

Description

Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS_030000.WWV_EXECUTE_IMMEDIATE.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 8.0 | Impact: 4.9

Affected Packages1 packages

▶NVDoracle/database_server3.0.1

🔴Vulnerability Details

GHSA

GHSA-q4wr-x53p-mqh6: Unspecified vulnerability in the Application Express component in Oracle Database 3↗2022-05-02

▶

CVEList

CVE-2009-1993: Unspecified vulnerability in the Application Express component in Oracle Database 3↗2009-10-22

▶

💥Exploits & PoCs

Exploit-DB

Quick Heal 10.00 SP1 - Local Privilege Escalation↗2009-10-13

▶