NVD

Id
55997  
Name
CVE-2007-3853  
Description
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via (1) DBMS_JAVA_TEST in the JavaVM component (DB01), (2) Oracle Text component (DB09), and (3) MDSYS.SDO_GEOR_INT in the Spatial component (DB15). NOTE: a reliable researcher claims that DB01 is SQL injection in DBMS_PRVTAQIS.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-07  
Published
2007-07-18  
Modified Date
2012-10-22  
Seq
2007-3853  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
284987 55997 CVE-2007-3853 SSRT061201  View
284988 55997 CVE-2007-3853 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf  View
284989 55997 CVE-2007-3853 http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html  View
284990 55997 CVE-2007-3853 http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html  View
284991 55997 CVE-2007-3853 http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html  View
284992 55997 CVE-2007-3853 20070718 Oracle Security: SQL Injection in package DBMS_PRVTAQIS  View
284993 55997 CVE-2007-3853 1018415  View
284994 55997 CVE-2007-3853 TA07-200A  View
284995 55997 CVE-2007-3853 ADV-2007-2562  View
284996 55997 CVE-2007-3853 ADV-2007-2635  View
284997 55997 CVE-2007-3853 oracle-cpu-july2007(35490)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
51864 JVNDB-2007-000527 Oracle Database の複数コンポーネントにおける脆弱性 Oracle Database の JavaVM、Oracle Text および Spatial コンポーネントに関連する複数の脆弱性が存在します。(DB01,DB09,DB15) CVE-2007-3853 27208 CVE-2007-3853 55997 6.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000527.html 2007-07-17 2007-07-26 View