CVE-2006-0289

Current Description

Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, and Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i) has unspecified impact and attack vectors, as identified by Oracle Vuln# DBC02 in the Reorganize Objects & Convert Tablespace component.

Referenced by CVEs:CVE-2005-2378, CVE-2005-2385

Basic Data

PublishedJanuary 18, 2006
Last ModifiedJuly 20, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-noinfo
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationOracleApplication Server10.1.2.0.2*******
    2.3ApplicationOracleCollaboration Suite9.0.4.2r2******
    2.3ApplicationOracleDatabase Server10.1.0.4.2*******

Vulnerable Software List

VendorProductVersions
Oracle Database Server 10.1.0.4.2
Oracle Collaboration Suite 9.0.4.2
Oracle Application Server 10.1.2.0.2

References

NameSourceURLTags
18493http://secunia.com/advisories/18493SECUNIAVendor Advisory
18608http://secunia.com/advisories/18608SECUNIAPatch Vendor Advisory
1015499http://securitytracker.com/id?1015499SECTRACKPatch
VU#545804http://www.kb.cert.org/vuls/id/545804CERT-VNThird Party Advisory US Government Resource
http://www.oracle.com/technetwork/topics/security/cpujan2006-082403.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2006-082403.htmlCONFIRM
16287http://www.securityfocus.com/bid/16287BIDExploit
ADV-2006-0243http://www.vupen.com/english/advisories/2006/0243VUPENVendor Advisory
ADV-2006-0323http://www.vupen.com/english/advisories/2006/0323VUPENVendor Advisory
oracle-january2006-update(24321)https://exchange.xforce.ibmcloud.com/vulnerabilities/24321XF