Back to search
CVE-2009-0981
Published: Apr 15, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that this issue allows remote authenticated users to obtain APEX password hashes from the WWV_FLOW_USERS table via a SELECT statement.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
34461
vdb-entry
x_refsource_BID
34693
third-party-advisory
x_refsource_SECUNIA
TA09-105A
third-party-advisory
x_refsource_CERT
20090416 Unprivileged DB users can see APEX password hashes
mailing-list
x_refsource_BUGTRAQ
http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html
x_refsource_CONFIRM
53738
vdb-entry
x_refsource_OSVDB
1022052
vdb-entry
x_refsource_SECTRACK
8456
exploit
x_refsource_EXPLOIT-DB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now