Remote Code Execution Vulnerability in Oracle Industry Product Suite
CVE-2010-0875

Currently unrated

Key Information:

Vendor: Oracle
Status: Industry Product Suite
Vendor: CVE Published:; 13 April 2010

Summary

The Oracle Industry Product Suite contains an unspecified vulnerability in the Thesaurus Management System component that enables remote attackers to manipulate system integrity. This weakness primarily affects versions 4.5.2, 4.6, and 4.6.1, allowing unauthorized access and potential exploitation of sensitive data through the TMS Browser feature.

References

http://www.us-cert.gov/cas/techalerts/TA10-103B.html

third-party-advisoryx_refsource_CERT

http://www.securitytracker.com/id?1023872

vdb-entryx_refsource_SECTRACK

http://www.oracle.com/technetwork/topics/security/cpuapr2...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 13, 2010
Vulnerability Reserved
Mar 3, 2010