Vulnerabilities > CVE-2016-5555 - Unspecified vulnerability in Oracle Database Server 11.2.0.4/12.1.0.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Nessus
NASL family | Databases |
NASL id | ORACLE_RDBMS_CPU_OCT_2016.NASL |
description | The remote Oracle Database Server is missing the October 2016 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the RDBMS Security and SQL*Plus component that allows an authenticated, remote attacker to disclose sensitive information. (CVE-2016-3562) - An unspecified flaw exists in the RDBMS Security component that allows a local attacker to gain elevated privileges. (CVE-2016-5497) - Multiple unspecified flaws exist in the RDBMS Security component that allow a local attacker to disclose sensitive information. (CVE-2016-5498, CVE-2016-5499) - An unspecified flaw exists in the RDBMS Programmable Interface component that allows a local attacker to disclose sensitive information. (CVE-2016-5505) - An unspecified flaw exists in the Kernel PDB component that allows a local attacker to cause a denial of service condition. (CVE-2016-5516) - An unspecified flaw exists in the OJVM component that allows an authenticated, remote attacker to execute arbitrary code. (CVE-2016-5555) - An unspecified flaw exists in the Kernel PDB component that allows a local attacker to gain elevated privileges. (CVE-2016-5572) |
last seen | 2020-06-02 |
modified | 2016-10-21 |
plugin id | 94201 |
published | 2016-10-21 |
reporter | This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/94201 |
title | Oracle Database Multiple Vulnerabilities (October 2016 CPU) |
code |
|
References
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- http://www.securityfocus.com/bid/93615
- http://www.securityfocus.com/bid/93615
- http://www.securitytracker.com/id/1037035
- http://www.securitytracker.com/id/1037035