Oracle Database Server And Application Server Ultra Search Component Unspecified Vulnerability Network Vulnerability

Summary

This host is running Oracle database or application server and is prone to unspecified vulnerability.

Impact

Successful exploitation allows an attackers to execute arbitrary code or commands in context of the affected application, information disclosure and denial of service. Impact Level: Application

Solution

Apply patches from below link, http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html

Insight

The flaw is due to unspecified error in Oracle ultra search component.

Affected

Oracle Database server versions 9.2.0.8, 10.1.0.5 and 10.2.0.3 Oracle Application server versions 9.0.4.3 and 10.1.2.0.2

References

http://securitytracker.com/id?1019218
http://www.petefinnigan.com/Advisory_CPU_Jan_2008.htm
http://www.securityfocus.com/archive/1/archive/1/487322/100/100/threaded
http://www.us-cert.gov/cas/techalerts/TA08-017A.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-0347

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)
Aastra IP Telephone Hardcoded Telnet Password Security Bypass Vulnerability
Adobe AIR Security Bypass Vulnerability Jan14 (Mac OS X)
Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)

Oracle Database Server and Application Server Ultra Search Component Unspecified Vulnerability

Take action and discover your vulnerabilities