Lucene search

K

OracleCVELIST:CVE-2009-0981

HistoryApr 15, 2009 - 10:00 a.m.

CVE-2009-0981

2009-04-1510:00:00

oracle

www.cve.org

5

AI Score

5.3

Confidence

Low

EPSS

0.16

Percentile

96.1%

Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue allows remote authenticated users to obtain APEX password hashes from the WWV_FLOW_USERS table via a SELECT statement.

References

osvdb.org/53738

secunia.com/advisories/34693

www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html

www.red-database-security.com/advisory/apex_password_hashes.html

www.securityfocus.com/archive/1/502724/100/0/threaded

www.securityfocus.com/bid/34461

www.securitytracker.com/id?1022052

www.us-cert.gov/cas/techalerts/TA09-105A.html

www.exploit-db.com/exploits/8456

AI Score

5.3

Confidence

Low

EPSS

0.16

Percentile

96.1%

Related for CVELIST:CVE-2009-0981

exploitpack1 zdt1 securityvulns2 nessus2 seebug2 nvd1 packetstorm1 checkpoint_advisories1 prion1 exploitdb1 cve1 oracle1