Vulnerability Description
Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to the IMP_FULL_DATABASE role.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Data Pump Component | All versions |
| Oracle | Database Server | 10.1.0.5 |
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
- http://secunia.com/advisories/31087
- http://secunia.com/advisories/31113
- http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html
- http://www.securitytracker.com/id?1020499
- http://www.vupen.com/english/advisories/2008/2109/references
- http://www.vupen.com/english/advisories/2008/2115
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143
- http://secunia.com/advisories/31087
- http://secunia.com/advisories/31113
- http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html
- http://www.securitytracker.com/id?1020499
- http://www.vupen.com/english/advisories/2008/2109/references
- http://www.vupen.com/english/advisories/2008/2115
FAQ
What is CVE-2008-2602?
CVE-2008-2602 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to the IMP_FULL_DATABASE rol...
How severe is CVE-2008-2602?
CVE-2008-2602 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2602?
Check the references section above for vendor advisories and patch information. Affected products include: Oracle Data Pump Component, Oracle Database Server.