CVE-2009-3414 — Oracle Database 10G vulnerability

9 documents3 sources

Severity

5.5MEDIUMNVD

NVD4.9NVD3.2

EPSS

0.3%

top 45.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Database 10G Oracle Database 9I Oracle Database Server

Timeline

PublishedJan 13

Latest updateMay 2

Description

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3413.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 6.8 | Impact: 4.9

Affected Packages3 packages

▶NVDoracle/database_9i9.2.0.8, 9.2.0.8dv+1

▶NVDoracle/database_10g10.1.0.5, 10.2.0.3+1

▶NVDoracle/database_server4 versions+3

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-fg84-7476-jjh7: Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9↗2022-05-02

▶

GHSA

GHSA-w3pg-w64r-37j8: Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9↗2022-05-02

▶

GHSA

GHSA-g4vp-9w9q-qppx: Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9↗2022-05-02

▶

CVEList

CVE-2009-3414: Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9↗2010-01-13

▶

CVEList

CVE-2009-3413: Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9↗2010-01-13

▶