PT-2008-3349 · Oracle · Oracle Database
Published
2008-04-16
·
Updated
2018-10-11
·
CVE-2008-1817
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Oracle Database versions 9.0.1.5 FIPS+ through 11.1.0.6
Description
The issue concerns multiple unspecified vulnerabilities with unknown impact and remote attack vectors. These vulnerabilities are related to (1) SDO IDX in the Spatial component and (2) Core RDBMS. There are claims of SQL injection related to one of the vulnerabilities, but Oracle has not commented on this.
Recommendations
For Oracle Database versions 9.0.1.5 FIPS+ through 11.1.0.6, update to a version that is not affected by these vulnerabilities.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Oracle Database