Remote Code Execution Vulnerability in Oracle Secure Backup by Oracle
CVE-2010-0072

Currently unrated

Key Information:

Vendor: Oracle
Status: Secure Backup
Vendor: CVE Published:; 13 January 2010

Summary

An unspecified vulnerability in Oracle Secure Backup allows remote attackers to compromise the confidentiality, integrity, and availability of the system. The issue, potentially related to a buffer overflow in the observiced.exe component, permits unauthorized execution of arbitrary code through specific TCP connection manipulation. This vulnerability underscores the importance of securing Oracle Secure Backup installations and monitoring communications on critical ports.

References

http://www.oracle.com/technetwork/topics/security/cpujan2...

x_refsource_CONFIRM

http://www.us-cert.gov/cas/techalerts/TA10-012A.html

third-party-advisoryx_refsource_CERT

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 13, 2010
Vulnerability Reserved
Dec 16, 2009