Unspecified Vulnerability in Oracle Application Server's Internet Directory Component
CVE-2008-2595

Currently unrated

Key Information:

Vendor: Oracle
Status: Database 10g; Database 9i
Vendor: CVE Published:; 15 July 2008

What is CVE-2008-2595?

An unspecified vulnerability has been identified in the Internet Directory component of the Oracle Application Server. It may allow remote attackers to exploit potential attack vectors, leading to instability or functionality loss. Claims suggest that this vulnerability could be exploited through a malformed LDAP request, which may inadvertently cause a NULL pointer dereference, thereby disrupting service. Precautionary measures are recommended to mitigate any risk associated with this issue.

References

http://www.oracle.com/technetwork/topics/security/cpujul2...

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2008/2115

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1020494

vdb-entryx_refsource_SECTRACK

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 15, 2008
Vulnerability Reserved
Jun 9, 2008