|
|
CVE Reference: CVE-2008-5440 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-5440 |
|
|
Description: Unspecified vulnerability in the TimesTen Data Server component in Oracle Database 7.0.5.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this is a format string vulnerability via the msg parameter in the evtdump CGI module. |
|
|
CVE Status: Candidate |
|
|
References: SAID Secunia Advisory: SA33525 MISC http://www.zerodayinitiative.com/advisories/ZDI-09-004 http://joxeankoret.com/blog/?p=41 CONFIRM http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/500078/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/500080/100/0/threaded BID 33177 |
|
| Return to the previous page. |
