Data Confidentiality and Integrity Vulnerability in Oracle Database
CVE-2008-3995

Currently unrated

Key Information:

Vendor: Oracle
Status: Database 11i; Database 10g
Vendor: CVE Published:; 14 October 2008

What is CVE-2008-3995?

An unspecified vulnerability exists within the Change Data Capture component of Oracle Database, allowing remote authenticated users to impact the confidentiality and integrity of the affected systems, specifically related to the DBMS_CDC_PUBLISH functionality. This can potentially lead to unauthorized access to sensitive data and manipulation of database information.

References

http://www.oracle.com/technetwork/topics/security/cpuoct2...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/45899

vdb-entryx_refsource_XF

http://secunia.com/advisories/32291

third-party-advisoryx_refsource_SECUNIA

EPSS Score

42% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 14, 2008
Vulnerability Reserved
Sep 9, 2008