Local Vulnerability in Oracle Database and Application Server
CVE-2009-3412

Currently unrated

Key Information:

Vendor: Oracle
Status: Application Server
Vendor: CVE Published:; 13 January 2010

What is CVE-2009-3412?

An undisclosed vulnerability exists in the Unzip component of Oracle Database and Oracle Application Server that can potentially allow local users to manipulate confidentiality. This vulnerability affects specific versions of Oracle Database and Oracle Application Server, making it a concern for environments operating these platforms. Local users may exploit this vulnerability using undefined vectors, highlighting the importance of maintaining security best practices and regular updates.

References

http://www.securitytracker.com/id?1023438

vdb-entryx_refsource_SECTRACK

http://www.oracle.com/technetwork/topics/security/cpujan2...

x_refsource_CONFIRM

http://www.us-cert.gov/cas/techalerts/TA10-012A.html

third-party-advisoryx_refsource_CERT

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 13, 2010
Vulnerability Reserved
Sep 25, 2009