Vulnerabilities > CVE-2010-4449 - Remote Code Execution vulnerability in Oracle Audit Vault 10.2.3.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in the Audit Vault component in Oracle Audit Vault 10.2.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this issue is related to a crafted parameter in an action.execute request to the av component on TCP port 5700.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://osvdb.org/70583
- http://secunia.com/advisories/42919
- http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html
- http://www.securityfocus.com/bid/45844
- http://www.securitytracker.com/id?1024973
- http://www.vupen.com/english/advisories/2011/0141
- http://www.zerodayinitiative.com/advisories/ZDI-11-017/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64762