Unspecified Vulnerability in Oracle Database Affecting Data Pump Component
CVE-2008-2602

Currently unrated

Key Information:

Vendor: Oracle
Status: Database Server; Data Pump Component
Vendor: CVE Published:; 15 July 2008

Summary

An unspecified vulnerability exists in the Data Pump component of Oracle Database versions 10.1.0.5, 10.2.0.4, and 11.1.0.6. This vulnerability may be exploited by remote authenticated users to negatively impact the system, particularly concerning the IMP_FULL_DATABASE role. The exact nature of the impact was not disclosed, prompting concern for database administrators and users who rely on this critical functionality.

References

http://www.oracle.com/technetwork/topics/security/cpujul2...

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2008/2115

vdb-entryx_refsource_VUPEN

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Jul 15, 2008
Vulnerability Reserved
Jun 9, 2008