Lucene search

[email protected]CVE-2008-1814

HistoryApr 16, 2008 - 10:05 a.m.

CVE-2008-1814

2008-04-1610:05:00

[email protected]

web.nvd.nist.gov

oracle

vulnerability

security

database

ultrasearch

nvd

cve-2008-1814

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.3%

JSON

Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote attack vectors, aka DB04.

Affected configurations

NVD

Node

oracleapplication_serverMatch9.0.4.3

oracleapplication_serverMatch10.1.2.2

oraclecollaboration_suiteMatch10.1.2

oracledatabaseMatch9.0.1.5fips

oracledatabaseMatch9.2.0.8

oracledatabaseMatch9.2.0.8dv

oracledatabaseMatch10.1.0.5

oracledatabaseMatch10.2.0.3

CPENameOperatorVersion
oracle:application_serveroracle application servereq9.0.4.3
oracle:application_serveroracle application servereq10.1.2.2
oracle:collaboration_suiteoracle collaboration suiteeq10.1.2
oracle:databaseoracle databaseeq9.0.1.5
oracle:databaseoracle databaseeq9.2.0.8
oracle:databaseoracle databaseeq9.2.0.8dv
oracle:databaseoracle databaseeq10.1.0.5
oracle:databaseoracle databaseeq10.2.0.3

CPE	Name	Operator	Version
oracle:application_server	oracle application server	eq	9.0.4.3
oracle:application_server	oracle application server	eq	10.1.2.2
oracle:collaboration_suite	oracle collaboration suite	eq	10.1.2
oracle:database	oracle database	eq	9.0.1.5
oracle:database	oracle database	eq	9.2.0.8
oracle:database	oracle database	eq	9.2.0.8dv
oracle:database	oracle database	eq	10.1.0.5
oracle:database	oracle database	eq	10.2.0.3

References

secunia.com/advisories/29829

secunia.com/advisories/29874

www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html

www.securityfocus.com/archive/1/491024/100/0/threaded

www.securitytracker.com/id?1019855

www.vupen.com/english/advisories/2008/1233/references

www.vupen.com/english/advisories/2008/1267/references

exchange.xforce.ibmcloud.com/vulnerabilities/41858

exchange.xforce.ibmcloud.com/vulnerabilities/41997

Social References

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.3%

JSON

Related for CVE-2008-1814

prion1 cvelist1 nvd1 nessus2