Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveOracleCVE-2014-6567
HistoryJan 21, 2015 - 3:28 p.m.

CVE-2014-6567

2015-01-2115:28:06
oracle
web.nvd.nist.gov
82
cve-2014-6567
oracle
database server
rdbms
vulnerability
confidentiality
integrity
availability
remote attack

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.009

Percentile

83.2%

JSON

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher’s claim that this is a stack-based buffer overflow in DBMS_AW.EXECUTE, which allows code execution via a long Current Directory Alias (CDA) command.

Affected configurations

Nvd
Node
oracledatabase_serverMatch11.1.0.7
OR
oracledatabase_serverMatch11.2.0.3
OR
oracledatabase_serverMatch11.2.0.4
OR
oracledatabase_serverMatch12.1.0.1
OR
oracledatabase_serverMatch12.1.0.2
VendorProductVersionCPE
oracledatabase_server11.1.0.7cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
oracledatabase_server11.2.0.3cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*
oracledatabase_server11.2.0.4cpe:2.3:a:oracle:database_server:11.2.0.4:*:*:*:*:*:*:*
oracledatabase_server12.1.0.1cpe:2.3:a:oracle:database_server:12.1.0.1:*:*:*:*:*:*:*
oracledatabase_server12.1.0.2cpe:2.3:a:oracle:database_server:12.1.0.2:*:*:*:*:*:*:*

Related

prion 1
cvelist 1
nvd 1
thn 1
nessus 1
ibm 1
openvas 1
securityvulns 1
oracle 1
prion
prion
Stack overflow
2015-01-21 15:28:00
cvelist
cvelist
CVE-2014-6567
2015-01-21 15:00:00
nvd
nvd
CVE-2014-6567
2015-01-21 15:28:06
thn
thn
Oracle releases 169 Updates, Including 19 Patches for JAVA Vulnerabilities
2015-01-21 08:36:00
nessus
nessus
Oracle Database Multiple Vulnerabilities (January 2015 CPU)
2015-01-22 00:00:00
ibm
ibm
Security Bulletin: IBM OpenPages Platform with Database is affected by multiple vulnerabilities
2018-06-15 22:42:21
openvas
openvas
Oracle Database Server Multiple Unspecified Vulnerabilities -05 (Jan 2016)
2016-01-25 00:00:00
securityvulns
securityvulns
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2015-01-25 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00

CVSS2

9

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.009

Percentile

83.2%

JSON
Related for CVE-2014-6567
prion1cvelist1nvd1thn1nessus1ibm1openvas1securityvulns1oracle1