CVE-2012-0519

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:H/Au:S/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html	Vendor Advisory
http://www.securityfocus.com/bid/53072
http://www.securitytracker.com/id?1026929

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-05-03 17:55

Updated : 2017-09-09 01:29

NVD link : CVE-2012-0519

Mitre link : CVE-2012-0519

CVE.ORG link : CVE-2012-0519

JSON object : View

Products Affected

microsoft

windows

oracle

database_server

CWE

NVD-CWE-noinfo

{"id": "CVE-2012-0519", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-05-03T17:55:01.767", "references": [{"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/53072", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1026929", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el componente Core RDBMS del servidor de bases de datos Oracle 11.2.0.2. Cuando se ejecuta en Windows, permite a los usuarios autenticados remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos."}], "lastModified": "2017-09-09T01:29:01.003", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D7157D8-4959-4F6C-BFA0-D80862393AA4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "secalert_us@oracle.com"}