Unspecified Vulnerability in Oracle Database Advanced Replication Component
CVE-2008-2592

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
15 July 2008

Summary

An unspecified vulnerability exists within the Advanced Replication component of various versions of Oracle Database, enabling potential remote authenticated attack vectors. The flaw is suspected of involving SQL injection issues in the DELETE_TRAN procedure of SYS.DBMS_DEFER_SYS. The severity of this potential threat has elicited concern from security researchers, although official responses from Oracle have not confirmed the specifics of the vulnerability. This poses risks to users running affected versions of Oracle Database as the exact impact is still unclear.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.