Vulnerability CVE-2006-0552


Published: 2006-02-04   Modified: 2011-03-07

Description:
Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.

Vendor: Oracle
Product: Oracle9i 
Version:
standard_9.2.0.7
standard_9.2.0.6
enterprise_9.0.1.5_fips
enterprise_9.0.1.5
enterprise_9.0.1.4
Product: Oracle8i 
Version:
standard_8.1.7.4
standard_8.0.6.3
standard_8.0.6
enterprise_8.1.7.4
Product: Oracle10g 
Version:
standard_10.2.0.1
standard_10.1.0.5
standard_10.1.0.4.2
standard_10.1.0.4
standard_10.1.0.3
personal_10.1.0.4
personal_10.1.0.3
enterprise_10.1.0.4
enterprise_10.1.0.3
Product: Enterpriseone 
Version: sp23_l1; 8.95.f1;
Product: Collaboration suite 
Version:
release_1
9.0.4.2
10.1.2
10.1.1
Product: Application server 
Version:
9.0.4.2
9.0.4.1
9.0.4
10.1.2.1.0
10.1.2.0.2
10.1.2.0.1
10.1.2.0.0
10.1.2
1.0.2.2
Product: Developer suite 
Version:
9.0.4.2
9.0.4.1
9.0.2.1
10.1.2
Product: Peoplesoft enterprise portal 
Version:
8.9
8.8
8.4
Product: Database server 
Version:
8.1.7.4
8.0.6.3
8.0.6
Product: Workflow 
Version: 11.5.9.5; 11.5.1;
Product: E-business suite 
Version:
11.5.9
11.5.8
11.5.7
11.5.6
11.5.5
11.5.4
11.5.3
11.5.2
11.5.10
11.5.1
Product: 10g enterprise manager grid control 
Version: 10.1_.0.4; 10.1_.0.3;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://www.kb.cert.org/vuls/id/545804
http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html
http://secunia.com/advisories/18493
http://www.vupen.com/english/advisories/2006/0323
http://www.vupen.com/english/advisories/2006/0243
http://www.securityfocus.com/bid/16287
http://www.osvdb.org/22549
http://securitytracker.com/id?1015499
http://secunia.com/advisories/18608
http://xforce.iss.net/xforce/xfdb/24321

Related CVE
CVE-2017-10151
Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Default Account). Supported versions that are affected are 11.1.1.7, 11.1.2.3 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated atta...
CVE-2017-3588
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: HA for MySQL). Supported versions that are affected are 3.3 and 4.3. Easily exploitable vulnerability allows unauthenticated attacker with logon to the...
CVE-2017-3446
Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability all...
CVE-2017-3444
Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability all...
CVE-2017-3445
Vulnerability in the Oracle Trade Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability all...
CVE-2017-10426
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Staffing Front Office). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with networ...
CVE-2017-10427
Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Point of Sale). Supported versions that are affected are 6.0.11, 6.5.11, 7.0.6, 7.1.6 and 15.0.1. Difficult to exploit vulnerability all...
CVE-2017-10428
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.30. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrast...

Copyright 2017, cxsecurity.com

 

Back to Top