CVE-2008-1817

Published: Apr 16, 2008Modified: Apr 23, 2026

9.0

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability: 8.0 / Impact: 10.0

Source: NVD

Description

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection.

Affected (5)

Products: Oracle: Database 9i, Database Server

2 products

Database Server

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Oracle Database 9i	Version 9.2.0.8dv
Oracle Database Server	Version 10.1.0.5
Oracle Database Server	Version 10.2.0.3
Oracle Database Server	Version 11.1.0.6
Oracle Database Server	Version 9.0.1.5

References (24)

http://secunia.com/advisories/29829

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/29874

Source: cve@mitre.org

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html

Source: cve@mitre.org

http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/490920/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/491024/100/0/threaded

Source: cve@mitre.org

http://www.securitytracker.com/id?1019855

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/1233/references

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1267/references

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/41858

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/42001

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/42002

Source: cve@mitre.org

http://secunia.com/advisories/29829

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/29874

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/490920/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/491024/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1019855

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2008/1233/references

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1267/references

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/41858

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/42001

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/42002

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.