Vulnerabilities > CVE-2007-1442 - Insecure Permissions vulnerability in Oracle Database Server 10.2.1/10.2.2/10.2.3
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists (DACLs), which allows local users to gain privileges.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 9 |