Unspecified vulnerability in the Oracle Ultra Search component in Oracle Collaboration Suite 10.1.2; Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; and Application Server 9.0.4.3 and 10.1.2.0.2; has unknown impact and local attack vectors, aka OCS01. NOTE: Oracle has not disputed a reliable claim that this issue is related to WKSYS schema privileges.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C
Vendors Products
Oracle
  • Peoplesoft Enterprise Peopletools
  • Database Server
  • Application Server 9i
  • E-business Suite
  • Application Server
  • Collaboration Suite

Configuration 1 [-]

OR cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server_9i:9.0.4.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:application_server_9i:10.1.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:collaboration_suite:10.1.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.0.1.5:*:fips:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:9.2.0.8dv:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:11.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.5.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:12.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:12.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:12.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.47:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.48:*:*:*:*:*:*:*
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.49:*:*:*:*:*:*:*
References
Link Resource
http://marc.info/?l=bugtraq&m=120058413923005&w=2
http://secunia.com/advisories/28518 Vendor Advisory
http://secunia.com/advisories/28556 Vendor Advisory
http://securitytracker.com/id?1019218
http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html
http://www.petefinnigan.com/Advisory_CPU_Jan_2008.htm
http://www.securityfocus.com/archive/1/487322/100/100/threaded
http://www.securityfocus.com/bid/27229
http://www.us-cert.gov/cas/techalerts/TA08-017A.html US Government Resource
http://www.vupen.com/english/advisories/2008/0150 Vendor Advisory
http://www.vupen.com/english/advisories/2008/0180 Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2008-01-17T22:00:00

Updated: 2018-10-15T20:57:01

Reserved: 2008-01-17T00:00:00

Link: CVE-2008-0347

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2008-01-17T23:00:00.000

Modified: 2018-10-15T21:59:03.077

Link: CVE-2008-0347

JSON object: View

cve-icon Redhat Information

No data.

CWE