Change Data Capture Vulnerability in Oracle Database by Oracle
CVE-2008-3996

Currently unrated

Key Information:

Vendor: Oracle
Status: Database 11i; Database 10g
Vendor: CVE Published:; 14 October 2008

What is CVE-2008-3996?

An unspecified vulnerability exists in the Change Data Capture (CDC) component of Oracle Database versions 10.1.0.5, 10.2.0.4, and 11.1.0.6. This issue allows remote authenticated users to adversely impact the confidentiality and integrity of the database. The vulnerability is associated with the SYS.DBMS_CDC_IPUBLISH package that could facilitate unauthorized access or data manipulation by exploiting weaknesses in the CDC functionality.

References

http://www.oracle.com/technetwork/topics/security/cpuoct2...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/45900

vdb-entryx_refsource_XF

http://secunia.com/advisories/32291

third-party-advisoryx_refsource_SECUNIA

EPSS Score

39% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2008
Vulnerability Reserved
Sep 9, 2008