Vulnerability Details : CVE-2008-7236

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 and 10.1.3.1 allows remote attackers to affect integrity via unknown vectors, aka AS05.

Published 2009-09-14 14:30:01

Updated 2021-07-28 18:39:47

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2008-7236

Probability of exploitation activity in the next 30 days: 0.21%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 58 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2008-7236

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	[email protected]
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2008-7236

http://www.vupen.com/english/advisories/2008/0180

Patch;Third Party Advisory

CVEs referencing this url
http://securitytracker.com/id?1019218

Patch;Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/cpujan2008-086860.html

Broken Link

CVEs referencing this url
http://www.vupen.com/english/advisories/2008/0150

Patch;Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/27229

Exploit;Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.us-cert.gov/cas/techalerts/TA08-017A.html

Patch;Third Party Advisory;US Government Resource

CVEs referencing this url
http://marc.info/?l=bugtraq&m=120058413923005&w=2

Issue Tracking;Mailing List;Third Party Advisory

CVEs referencing this url

Products affected by CVE-2008-7236

Oracle » Application Server » Version: 10.1.2.2
cpe:2.3:a:oracle:application_server:10.1.2.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.3.1
cpe:2.3:a:oracle:application_server:10.1.3.1:*:*:*:*:*:*:*
Matching versions