Multiple Vulnerabilities in Oracle Database Products
CVE-2008-1813

Currently unrated

Key Information:

Vendor: Oracle
Status: Database Server; Database 9i
Vendor: CVE Published:; 16 April 2008

What is CVE-2008-1813?

Oracle Database contains multiple unspecified vulnerabilities that could allow remote unauthenticated or authenticated attackers to exploit various components. The weaknesses include potential SQL injection in the SDO_GEOM package, issues within the DBMS_AQ in the Advanced Queuing, and a security flaw involving the Export functionality. Furthermore, problematic behavior relates to the default password of the OUTLN account due to a reset surreptitiously linked to a hard-coded password. These vulnerabilities have been reported but not confirmed by Oracle, indicating a need for enhanced security measures and thorough assessments.

References

http://www.red-database-security.com/advisory/oracle_outl...

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/41858

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2008/1267/references

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 16, 2008
Vulnerability Reserved
Apr 15, 2008