Vulnerabilities > CVE-2009-1018 - Workspace Manager Unspecified vulnerability in Oracle Database Server 10.2.0.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LTRIC (WMSYS.LTRIC).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Databases |
NASL id | ORACLE_RDBMS_CPU_OCT_2009.NASL |
description | The remote Oracle database server is missing the October 2009 Critical Patch Update (CPU) and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Application Express - Auditing - Authentication - Core RDBMS - Data Mining - Data Pump - Network Authentication - Net Foundation Layer - Oracle Spatial - Oracle Text - PL/SQL - Workspace Manager |
last seen | 2020-06-02 |
modified | 2011-11-16 |
plugin id | 56066 |
published | 2011-11-16 |
reporter | This script is Copyright (C) 2011-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/56066 |
title | Oracle Database Multiple Vulnerabilities (October 2009 CPU) |
code |
|
Seebug
bulletinFamily | exploit |
description | Bugraq ID: 36765 CVE ID:CVE-2009-1018 Oracle Database是一款商业性质的大型数据库。 Oracle数据库Workspace Manager存在远程漏洞,此漏洞可通过'Oracle Net'协议利用,要成功利用此漏洞,攻击者必须拥有SYS.LTRIC (WMSYS.LTRIC)'特权。 目前没有详细漏洞细节提供。 Oracle Oracle10g Standard Edition 10.2.0.4 Oracle Oracle10g Personal Edition 10.2.0.4 Oracle Oracle10g Enterprise Edition 10.2.0.4 厂商解决方案 用户可参考如下安全公告获得补丁信息: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html |
id | SSV:12505 |
last seen | 2017-11-19 |
modified | 2009-10-21 |
published | 2009-10-21 |
reporter | Root |
title | Oracle Database CVE-2009-1018 Workspace Manager漏洞 |