Unspecified Vulnerability in Oracle Database Data Pump Component
CVE-2008-2608

Currently unrated

Key Information:

Vendor: Oracle
Status: Database Server; Data Pump Component
Vendor: CVE Published:; 15 July 2008

Summary

An unspecified vulnerability exists in the Data Pump component of Oracle Database versions 10.1.0.5 and 10.2.0.3. This flaw may allow remote authenticated attackers to exploit unknown impact vectors potentially affecting the integrity of the system. The vulnerability is linked to the SYS.KUPF$FILE_INT mechanism, although the specific ramifications remain unclear. Organizations utilizing the affected Oracle Database versions should remain vigilant and apply any necessary security updates provided by Oracle.

References

http://www.oracle.com/technetwork/topics/security/cpujul2...

x_refsource_CONFIRM

http://www.vupen.com/english/advisories/2008/2115

vdb-entryx_refsource_VUPEN

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Jul 15, 2008
Vulnerability Reserved
Jun 9, 2008