Vulnerability in Oracle Database 10.1.0.5 Affects Confidentiality and Integrity
CVE-2008-4015

Currently unrated

Key Information:

Vendor: Oracle
Status: Database 10g
Vendor: CVE Published:; 14 January 2009

Summary

An unspecified vulnerability exists in the Oracle Streams component of Oracle Database 10.1.0.5, enabling remote authenticated users to compromise the confidentiality and integrity of data. This issue is intimately tied to the SYS.DBMS_STREAMS_AUTH package, which could allow unauthorized alteration of data streams, impacting overall database security and operation.

References

http://secunia.com/advisories/33525

third-party-advisoryx_refsource_SECUNIA

http://www.securitytracker.com/id?1021561

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2009/0115

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Jan 14, 2009
Vulnerability Reserved
Sep 9, 2008