| Vulnerability Name: | CVE-2011-2231 (CCN-68627) | ||||||||
| Assigned: | 2011-07-20 | ||||||||
| Published: | 2011-07-20 | ||||||||
| Updated: | 2011-10-05 | ||||||||
| Summary: | Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, Oracle Fusion Middleware 10.1.3.5, allows remote attackers to affect availability via unknown vectors. Per: http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html 'Patching the client is required to protect applications that make use of the XML Developer Kit. However, patching the server is sufficient to protect the database.' | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P) 3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-noinfo | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2011-2231 Source: CCN Type: Oracle Critical Patch Update Advisory - July 2011 Oracle Critical Patch Update Advisory - July 2011 Source: CONFIRM Type: Patch, Vendor Advisory http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html Source: CCN Type: OSVDB ID: 73950 Oracle Database XML Developer Kit Unspecified Remote DoS Source: CCN Type: BID-48746 Oracle Database Server CVE-2011-2231 Remote XML Developer Kit Vulnerability Source: CERT Type: US Government Resource TA11-201A Source: XF Type: UNKNOWN ora-dbserv-corerdbms-unspec-var4(68627) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||