CVE-2009-0978

Oracle Database <11.1.0.6 - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-0975.

Exploits (1)

metasploit WORKING POC

by MC · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/sqli/oracle/lt_rollbackworkspace.rb

View Code ZIP pw:eip

References (6)

[Broken Link] http://osvdb.org/53734

[Permissions Required] http://secunia.com/advisories/34693

[Vendor Advisory] http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/34461

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1022052

[Third Party Advisory, US Government Resource] http://www.us-cert.gov/cas/techalerts/TA09-105A.html

Scores

EPSS 0.5392

EPSS Percentile 98.0%

Classification

Status draft

Affected Products (2)

oracle/database_10g

oracle/database_11g

Timeline

Published Apr 15, 2009

Tracked Since Feb 18, 2026