Text Form of Oracle Security Alert - CVE-2012-1675 Risk Matrix



This document provides the text form of the CVE-2012-1675 Advisory Risk Matrix. Please note that the CVE number in this document corresponds  to the same CVE number in the CVE-2012-1675 Advisory


Text Form of Risk Matrix for Oracle Database Server


This table provides the text form of the Risk Matrix for Oracle Database Server.


CVE Identifier Description
CVE-2012-1675 Vulnerability in the Listener component of Oracle Database Server. Supported versions that are affected are 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3 and 11.2.0.4. Easily exploitable vulnerability allows successful unauthenticated network attacks via Oracle Net. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to all Listener accessible data as well as read access to all Listener accessible data and ability to cause a partial denial of service (partial DOS) of Listener.

CVSS Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS V2 Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P). (legend) [Advisory]