Vulnerability Details : CVE-2012-1708
Unspecified vulnerability in the Application Express component in Oracle Database Server 4.0 and 4.1 allows remote attackers to affect integrity via unknown vectors.
Exploit prediction scoring system (EPSS) score for CVE-2012-1708
Probability of exploitation activity in the next 30 days: 0.22%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 60 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-1708
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
References for CVE-2012-1708
-
http://www.securitytracker.com/id?1026929
Oracle Database Bugs Let Remote Authenticated Users Gain Full Control and Let Remote Users Partial Access and Modify Data and Deny Service - SecurityTracker
-
http://www.securityfocus.com/bid/53104
Oracle Database Server CVE-2012-1708 Remote Application Express Vulnerability
-
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
Oracle Critical Patch Update - April 2012Vendor Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
mandriva.com
Products affected by CVE-2012-1708
- cpe:2.3:a:oracle:database_server:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:4.1:*:*:*:*:*:*:*