6.8

CVE-2007-2115

EPSS 3.58%
Published 18.04.2007 18:19:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Unspecified vulnerability in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors, aka DB09.  NOTE: as of 20070424, oracle has not disputed reliable claims that this issue involves multiple SQL injection vulnerabilities in the DBMS_CDC_PUBLISH with remote authenticated vectors involving the "java classes in CDC.jar."

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Oracle ≫ Database Server Version9.2.0.7

Oracle ≫ Database Server Version10.1.0.5

Oracle ≫ Database Server Version10.2.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.58%	0.873

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf

http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf

http://www.ngssoftware.com/research/papers/NGSSoftware-OracleCPUAPR2007.pdf

http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html

http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html

http://www.securityfocus.com/archive/1/466329/100/200/threaded

http://www.securityfocus.com/bid/23532

http://www.securitytracker.com/id?1017927

http://www.us-cert.gov/cas/techalerts/TA07-108A.html

US Government Resource

http://www.vupen.com/english/advisories/2007/1426

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2007-2115

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-2115

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-2115

EUVD