Lucene search

[email protected]NVD:CVE-2007-0270

HistoryJan 17, 2007 - 2:28 a.m.

CVE-2007-0270

2007-01-1702:28:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.116

Percentile

95.3%

JSON

Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via the GET_PROPERTY function in SYS.DBMS_DRS, aka DB03.

Affected configurations

Nvd

Node

oracledatabase_serverMatch9.2.0.7

oracledatabase_serverMatch10.1.0.4

VendorProductVersionCPE
oracledatabase_server9.2.0.7cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*
oracledatabase_server10.1.0.4cpe:2.3:a:oracle:database_server:10.1.0.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	database_server	9.2.0.7	cpe:2.3:a:oracle:database_server:9.2.0.7:::::::*
oracle	database_server	10.1.0.4	cpe:2.3:a:oracle:database_server:10.1.0.4:::::::*

References

osvdb.org/32909

secunia.com/advisories/23794

securitytracker.com/id?1017522

www.appsecinc.com/resources/alerts/oracle/2007-04.shtml

www.oracle.com/technetwork/topics/security/cpujan2007-101493.html

www.securityfocus.com/archive/1/458036/100/0/threaded

www.securityfocus.com/archive/1/474050/100/0/threaded

www.securityfocus.com/bid/22083

www.us-cert.gov/cas/techalerts/TA07-017A.html

exchange.xforce.ibmcloud.com/vulnerabilities/31541

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.116

Percentile

95.3%

JSON

Related for NVD:CVE-2007-0270

securityvulns3 cvelist1 cve1 prion1 nessus1