Vulnerability Details : CVE-2009-1992

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Published 2009-10-22 18:30:00

Updated 2012-10-23 03:07:31

Source Oracle

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2009-1992

Probability of exploitation activity in the next 30 days: 1.18%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 83 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2009-1992

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	nvd@nist.gov
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2009-1992

http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html

Page not found | Oracle

CVEs referencing this url
http://www.us-cert.gov/cas/techalerts/TA09-294A.html

Oracle Updates for Multiple Vulnerabilities | CISA
US Government Resource

CVEs referencing this url
http://www.securityfocus.com/bid/36742
http://www.securitytracker.com/id?1023057

CVEs referencing this url

Products affected by CVE-2009-1992

Oracle » Database Server » Version: 10.1.0.5
cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Oracle » Database Server » Version: 10.2.0.4
cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Oracle » Database Server » Version: 9.2.0.8
cpe:2.3:a:oracle:database_server:9.2.0.8:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows