7.2
CVE-2007-1442
- EPSS 0.49%
- Veröffentlicht 14.03.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:35
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists (DACLs), which allows local users to gain privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Database Server Version10.2.1 Editionenterprise
Oracle ≫ Database Server Version10.2.1 Editionpersonal
Oracle ≫ Database Server Version10.2.1 Editionstandard
Oracle ≫ Database Server Version10.2.2 Editionenterprise
Oracle ≫ Database Server Version10.2.2 Editionpersonal
Oracle ≫ Database Server Version10.2.2 Editionstandard
Oracle ≫ Database Server Version10.2.3 Editionenterprise
Oracle ≫ Database Server Version10.2.3 Editionpersonal
Oracle ≫ Database Server Version10.2.3 Editionstandard
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.49% | 0.384 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://argeniss.com/research/10MinSecAudit.zip
http://osvdb.org/33979
http://secunia.com/advisories/24475
http://www.securityfocus.com/bid/22905