CVE-2008-3983

Oracle Database <11.1.0.6 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-3983. PoCs published by sh2kerr, CG, including Metasploit module auxiliary/sqli/oracle/lt_mergeworkspace.

AI-analyzed exploit summary This exploit leverages SQL injection in Oracle 10g's SYS.LT.MERGEWORKSPACE to grant DBA privileges to the SCOTT user and execute arbitrary OS commands via Java procedures. It demonstrates privilege escalation and remote code execution.

Description

Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and CVE-2008-3984.

Exploits (2)

exploitdb WORKING POC VERIFIED

by sh2kerr · textlocalmultiple

https://www.exploit-db.com/exploits/7676

View Code ZIP pw:eip

This exploit leverages SQL injection in Oracle 10g's SYS.LT.MERGEWORKSPACE to grant DBA privileges to the SCOTT user and execute arbitrary OS commands via Java procedures. It demonstrates privilege escalation and remote code execution.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Oracle 10g (10.1.0.5.0)

Auth required

Prerequisites: Access to a database account with sufficient privileges to execute SYS.LT.MERGEWORKSPACE

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC

by CG · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/sqli/oracle/lt_mergeworkspace.rb

View Code ZIP pw:eip

This Metasploit module exploits a SQL injection vulnerability in Oracle's SYS.LT.MERGEWORKSPACE procedure (CVE-2008-3983) by creating a malicious function and executing arbitrary SQL commands. It leverages base64-encoded payloads to bypass restrictions and grants DBA privileges to the specified user.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Oracle Database (versions affected by CVE-2008-3983)

Auth required

Prerequisites: Execute privilege on SYS.LT package · Valid database credentials

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html

Permissions Required third-party-advisory x_refsource_secunia

http://secunia.com/advisories/32291

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/45886

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1021050

Not Applicable vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2008/2825

Scores

EPSS 0.4270

EPSS Percentile 98.5%

Details

Status published

Products (5)

oracle/database_10g 10.1.0.5

oracle/database_10g 10.2.0.3

oracle/database_11i 11.1.0.6

oracle/database_9i 9.2.0.8

oracle/database_9i 9.2.0.8dv

Published Oct 14, 2008

Tracked Since Feb 18, 2026