Lucene search

[email protected]NVD:CVE-2007-5561

HistoryOct 18, 2007 - 8:17 p.m.

CVE-2007-5561

2007-10-1820:17:00

CWE-134

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.045 Low

EPSS

Percentile

92.5%

JSON

Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175. NOTE: this might be the same issue as CVE-2007-0282 or CVE-2007-0280, but there are insufficient details to be sure.

Affected configurations

NVD

Node

oracleenterprise_grid_console_serverMatch10.2.0.1

oracleopmn_daemon

References

www.irmplc.com/index.php/111-Vendor-Alerts

www.irmplc.com/index.php/142-Advisory-021

www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2007.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

Low

0.045 Low

EPSS

Percentile

92.5%

JSON

Related for NVD:CVE-2007-5561

prion3 cve3 cvelist3 nessus2 nvd2 securityvulns1