Description

Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle reference number 7892711. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

Remediation

References

CVE-2007-5554

Related Vulnerabilities

WordPress Plugin Logo Slider and Showcase Security Bypass (1.3.36)

MySQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4414)

Apache Tomcat Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-5345)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-12646)

GlassFish Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000029)

Severity

High

Classification

CVE-2007-5554 CWE-200

Tags

Missing Update Known Vulnerabilities