CVE-2008-2613

Name of the Vulnerable Software and Affected Versions Oracle Database versions 10.2.0.4 through 11.1.0.6

Description The issue concerns an unspecified vulnerability in the Database Scheduler component. It has local attack vectors and its impact is unknown. Researchers claim it might be related to an untrusted search path issue, potentially allowing local users to gain privileges by using a malicious library, such as libclntsh.so or libnnz10.so.

Recommendations For Oracle Database versions 10.2.0.4 through 11.1.0.6, consider restricting access to the Database Scheduler component until more information is available. As a temporary workaround, avoid using the libclntsh.so and libnnz10.so libraries in sensitive operations to minimize potential risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.