9

CVE-2007-2114

EPSS 19.26%
Published 18.04.2007 18:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact and remote authenticated attack vectors, related to (1) Change Data Capture (CDC), aka DB08, and (2) Oracle Instant Client, aka DB11.  NOTE: as of 20070424, oracle has not disputed reliable claims that these issues are buffer overflows using a long CHANGE_TABLE_NAME parameter to the DBMS_CDC_IPUBLISH.CHGTAB_CACHE procedure (DB08) and Oracle Instant Client genezi utility (DB11).

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Oracle ≫ Database Server Version10.1.0.5

Oracle ≫ Database Server Version10.2.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	19.26%	0.948

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf

http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf

http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html

http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html

http://www.securityfocus.com/archive/1/466329/100/200/threaded

http://www.securityfocus.com/bid/23532

http://www.securitytracker.com/id?1017927

http://www.us-cert.gov/cas/techalerts/TA07-108A.html

US Government Resource

http://www.vupen.com/english/advisories/2007/1426

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2007-2114

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2114

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2114

EUVD