CVE-2010-4449

{"id": "CVE-2010-4449", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-01-19T17:00:02.593", "references": [{"url": "http://osvdb.org/70583", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/42919", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/45844", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1024973", "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0141", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-017/", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64762", "source": "secalert_us@oracle.com"}, {"url": "http://osvdb.org/70583", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/42919", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/45844", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1024973", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2011/0141", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-017/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64762", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Audit Vault component in Oracle Audit Vault 10.2.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this issue is related to a crafted parameter in an action.execute request to the av component on TCP port 5700."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en el componente Audit Vault en Audit Vault de Oracle versi\u00f3n 10.2.3.2, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos. NOTA: la informaci\u00f3n anterior fue obtenida de la CPU de enero de 2011. Oracle no ha comentado las afirmaciones de un coordinador de terceros confiable de que este problema est\u00e1 relacionado con un par\u00e1metro especialmente dise\u00f1ado en una petici\u00f3n a la funci\u00f3n action.execute al componente av en el puerto TCP 5700."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:audit_vault:10.2.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "026D5D31-2821-45DE-887B-A937CDD7258E"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}