CVE-2008-3994 - OpenCVE

Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:S/C:P/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oracle	Database 10g Database 11i Database 9i

Configuration 1 [-]

OR	cpe:2.3:a:oracle:database_10g:10.1.0.5:::::::*
	cpe:2.3:a:oracle:database_10g:10.2.0.3:::::::*
	cpe:2.3:a:oracle:database_11i:11.1.0.6:::::::*
	cpe:2.3:a:oracle:database_9i:9.2.0.8:::::::*
	cpe:2.3:a:oracle:database_9i:9.2.0.8dv:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/32291
http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html
http://www.securitytracker.com/id?1021050
http://www.vupen.com/english/advisories/2008/2825
https://exchange.xforce.ibmcloud.com/vulnerabilities/45898

History

No history.

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2008-10-14T21:00:00

Updated: 2024-08-07T10:00:42.406Z

Reserved: 2008-09-09T00:00:00

Link: CVE-2008-3994

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-10-14T21:11:11.270

Modified: 2017-08-08T01:32:19.547

Link: CVE-2008-3994

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-14T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "oracle-database-workspaceman-priv-escalation(45898)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"}, {"name": "32291", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32291"}, {"name": "1021050", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021050"}, {"name": "ADV-2008-2825", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2825"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2008-3994", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "oracle-database-workspaceman-priv-escalation(45898)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"}, {"name": "32291", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32291"}, {"name": "1021050", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021050"}, {"name": "ADV-2008-2825", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2825"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T10:00:42.406Z"}, "title": "CVE Program Container", "references": [{"name": "oracle-database-workspaceman-priv-escalation(45898)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"}, {"name": "32291", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32291"}, {"name": "1021050", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021050"}, {"name": "ADV-2008-2825", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2825"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2008-3994", "datePublished": "2008-10-14T21:00:00", "dateReserved": "2008-09-09T00:00:00", "dateUpdated": "2024-08-07T10:00:42.406Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_10g:10.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "AB9DC5FD-9892-47BD-8F35-A3D4556952A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_10g:10.2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6D836B0-A20F-49D8-9EE3-251BA2D28247", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_11i:11.1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "D9A56D3F-26C0-465B-9347-70D6EC53F74E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "35853080-470C-415B-B15B-D93A6DE856FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:database_9i:9.2.0.8dv:*:*:*:*:*:*:*", "matchCriteriaId": "37FDC572-7FE0-41B2-99D6-139819781038", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el componente Workspace Manager de Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6 permite a un atacante remoto comprometer la confidencialidad y la integridad, en relaci\u00f3n con WMSYS.LTADM."}], "id": "CVE-2008-3994", "lastModified": "2017-08-08T01:32:19.547", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-10-14T21:11:11.270", "references": [{"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32291"}, {"source": "secalert_us@oracle.com", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securitytracker.com/id?1021050"}, {"source": "secalert_us@oracle.com", "url": "http://www.vupen.com/english/advisories/2008/2825"}, {"source": "secalert_us@oracle.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45898"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}