CVE-2014-6544

Severity

36%

Complexity

39%

Confidentiality

81%

Per http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html, "2014-October-20 - Removed 12.1.0.2 from the affected versions list for CVE-2014-6544 and CVE-2014-4289

Unspecified vulnerability in the JDBC component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2014-4289.

Per http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html, "2014-October-20 - Removed 12.1.0.2 from the affected versions list for CVE-2014-6544 and CVE-2014-4289

CVSS 2.0 Base Score 3.6. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:S/C:P/I:P/A:N).

Overview

First reported 10 years ago

2014-10-15 22:55:00

Last updated 8 years ago

2016-05-11 18:13:00

Affected Software

Oracle Database Server 11g 11.1.0.7

11.1.0.7

Oracle Database Server 11g 11.2.0.3

11.2.0.3

Oracle Database Server 11.2.0.4

11.2.0.4

Oracle Database Server 12.1.0.1

12.1.0.1

References

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

Patch, Vendor Advisory

70553

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.